CVE-2024-50258

Published: Nov 9, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved:

net: fix crash when config small gso_max_size/gso_ipv4_max_size

Config a small gso_max_size/gso_ipv4_max_size will lead to an underflow in sk_dst_gso_max_size(), which may trigger a BUG_ON crash, because sk->sk_gso_max_size would be much bigger than device limits.

Call Trace:
tcp_write_xmit
    tso_segs = tcp_init_tso_segs(skb, mss_now);
        tcp_set_skb_tso_segs
            tcp_skb_pcount_set
                // skb->len = 524288, mss_now = 8
                // u16 tso_segs = 524288/8 = 65535 -> 0
                tso_segs = DIV_ROUND_UP(skb->len, mss_now)
    BUG_ON(!tso_segs)

Add check for the minimum value of gso_max_size and gso_ipv4_max_size.
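The following user-space model is an added example, not kernel code and not part of the CVE record. It reproduces the two arithmetic steps the description names (the unsigned underflow and the 16-bit truncation) and the kind of minimum-value check the fix adds. HDR_RESERVE and the model_* function names are assumptions made for illustration; the real header reserve depends on kernel configuration.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed stand-in for the header space the kernel subtracts from the
 * device limit; the real value is not given on this page. */
#define HDR_RESERVE 320u
#define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d))

/* Model of the subtraction in sk_dst_gso_max_size(): the arithmetic is
 * unsigned, so a limit smaller than the reserve wraps to a huge value. */
static uint32_t model_sk_gso_max_size(uint32_t dev_gso_max_size)
{
    return dev_gso_max_size - (HDR_RESERVE + 1);
}

/* Model of the segment count kept in a 16-bit field: a quotient of
 * 65536 or more loses its high bits when stored. */
static uint16_t model_tso_segs(uint32_t skb_len, uint32_t mss_now)
{
    return (uint16_t)DIV_ROUND_UP(skb_len, mss_now);
}

/* Model of the remedy: refuse a configured limit that cannot cover the
 * header reserve. Returns 0 when accepted, -1 when rejected. */
static int model_validate_gso_max_size(uint32_t requested)
{
    return requested < HDR_RESERVE + 1 ? -1 : 0;
}

int main(void)
{
    uint32_t small = 100; /* constructed sample: limit below the reserve */

    printf("limit %u -> socket gso max %u\n",
           (unsigned)small, (unsigned)model_sk_gso_max_size(small));
    printf("len 524288, mss 8 -> tso_segs %u\n",
           (unsigned)model_tso_segs(524288u, 8u));
    printf("validate(%u) = %d, validate(65536) = %d\n", (unsigned)small,
           model_validate_gso_max_size(small),
           model_validate_gso_max_size(65536u));
    return 0;
}
```

A segment count of zero is the condition BUG_ON(!tso_segs) in the call trace tests for, which is why rejecting the small limit at configuration time removes the crash path.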

Vendor: Linux
Product: Linux
Versions (git commits):
  affected: 46e6b992c2502b094e61da6994f1363f3b7c1413 - < 90c8482a5d9791259ba77bfdc1849fc5128b4be7
  affected: 46e6b992c2502b094e61da6994f1363f3b7c1413 - < e9365368b483328639c03fc730448dccd5a25b6b
  affected: 46e6b992c2502b094e61da6994f1363f3b7c1413 - < ac5977001eee7660c643f8e07a2de9001990b7b8
  affected: 46e6b992c2502b094e61da6994f1363f3b7c1413 - < e72fd1389a5364bc6aa6312ecf30bdb5891b9486
  affected: 46e6b992c2502b094e61da6994f1363f3b7c1413 - < 9ab5cf19fb0e4680f95e506d6c544259bf1111c4

Vendor: Linux
Product: Linux
Versions (releases):
  affected: 4.16
  unaffected: 0 - < 4.16
  unaffected: 5.15.181 - <= 5.15.*
  unaffected: 6.1.120 - <= 6.1.*
  unaffected: 6.6.60 - <= 6.6.*

+2 more versions
