{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-42281", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-30T07:40:12.261Z", "datePublished": "2024-08-17T09:08:48.477Z", "dateUpdated": "2025-05-04T09:25:51.055Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:25:51.055Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix a segment issue when downgrading gso_size\n\nLinearize the skb when downgrading gso_size because it may trigger a\nBUG_ON() later when the skb is segmented as described in [1,2]."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/core/filter.c"], "versions": [{"version": "2be7e212d5419a400d051c84ca9fdd083e5aacac", "lessThan": "a689f5eb13a90f892a088865478b3cd39f53d5dc", "status": "affected", "versionType": "git"}, {"version": "2be7e212d5419a400d051c84ca9fdd083e5aacac", "lessThan": "dda518dea60d556a2d171c0122ca7d9fdb7d473a", "status": "affected", "versionType": "git"}, {"version": "2be7e212d5419a400d051c84ca9fdd083e5aacac", "lessThan": "f6bb8c90cab97a3e03f8d30e3069efe6a742e0be", "status": "affected", "versionType": "git"}, {"version": "2be7e212d5419a400d051c84ca9fdd083e5aacac", "lessThan": "11ec79f5c7f74261874744039bc1551023edd6b2", "status": "affected", "versionType": "git"}, {"version": "2be7e212d5419a400d051c84ca9fdd083e5aacac", "lessThan": "c3496314c53e7e82ddb544c825defc3e8c0e45cf", "status": "affected", "versionType": "git"}, {"version": "2be7e212d5419a400d051c84ca9fdd083e5aacac", "lessThan": "ec4eea14d75f7b0491194dd413f540dd19b8c733", "status": "affected", "versionType": "git"}, {"version": "2be7e212d5419a400d051c84ca9fdd083e5aacac", "lessThan": "fa5ef655615a01533035c6139248c5b33aa27028", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/core/filter.c"], "versions": [{"version": "4.13", "status": "affected"}, {"version": "0", "lessThan": "4.13", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.282", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.224", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.165", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.103", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.44", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10.3", "lessThanOrEqual": "6.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.13", "versionEndExcluding": "5.4.282"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.13", "versionEndExcluding": "5.10.224"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.13", "versionEndExcluding": "5.15.165"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.13", "versionEndExcluding": "6.1.103"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.13", "versionEndExcluding": "6.6.44"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.13", "versionEndExcluding": "6.10.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.13", "versionEndExcluding": "6.11"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/a689f5eb13a90f892a088865478b3cd39f53d5dc"}, {"url": "https://git.kernel.org/stable/c/dda518dea60d556a2d171c0122ca7d9fdb7d473a"}, {"url": "https://git.kernel.org/stable/c/f6bb8c90cab97a3e03f8d30e3069efe6a742e0be"}, {"url": "https://git.kernel.org/stable/c/11ec79f5c7f74261874744039bc1551023edd6b2"}, {"url": "https://git.kernel.org/stable/c/c3496314c53e7e82ddb544c825defc3e8c0e45cf"}, {"url": "https://git.kernel.org/stable/c/ec4eea14d75f7b0491194dd413f540dd19b8c733"}, {"url": "https://git.kernel.org/stable/c/fa5ef655615a01533035c6139248c5b33aa27028"}], "title": "bpf: Fix a segment issue when downgrading gso_size", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42281", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:11:36.471436Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-12T17:33:30.904Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42281", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:11:36.471436Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:23.787Z"}}], "cna": {"title": "bpf: Fix a segment issue when downgrading gso_size", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "2be7e212d5419a400d051c84ca9fdd083e5aacac", "lessThan": "a689f5eb13a90f892a088865478b3cd39f53d5dc", "versionType": "git"}, {"status": "affected", "version": "2be7e212d5419a400d051c84ca9fdd083e5aacac", "lessThan": "dda518dea60d556a2d171c0122ca7d9fdb7d473a", "versionType": "git"}, {"status": "affected", "version": "2be7e212d5419a400d051c84ca9fdd083e5aacac", "lessThan": "f6bb8c90cab97a3e03f8d30e3069efe6a742e0be", "versionType": "git"}, {"status": "affected", "version": "2be7e212d5419a400d051c84ca9fdd083e5aacac", "lessThan": "11ec79f5c7f74261874744039bc1551023edd6b2", "versionType": "git"}, {"status": "affected", "version": "2be7e212d5419a400d051c84ca9fdd083e5aacac", "lessThan": "c3496314c53e7e82ddb544c825defc3e8c0e45cf", "versionType": "git"}, {"status": "affected", "version": "2be7e212d5419a400d051c84ca9fdd083e5aacac", "lessThan": "ec4eea14d75f7b0491194dd413f540dd19b8c733", "versionType": "git"}, {"status": "affected", "version": "2be7e212d5419a400d051c84ca9fdd083e5aacac", "lessThan": "fa5ef655615a01533035c6139248c5b33aa27028", "versionType": "git"}], "programFiles": ["net/core/filter.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.13"}, {"status": "unaffected", "version": "0", "lessThan": "4.13", "versionType": "semver"}, {"status": "unaffected", "version": "5.4.282", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.224", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.165", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.103", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.44", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.10.3", "versionType": "semver", "lessThanOrEqual": "6.10.*"}, {"status": "unaffected", "version": "6.11", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/core/filter.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/a689f5eb13a90f892a088865478b3cd39f53d5dc"}, {"url": "https://git.kernel.org/stable/c/dda518dea60d556a2d171c0122ca7d9fdb7d473a"}, {"url": "https://git.kernel.org/stable/c/f6bb8c90cab97a3e03f8d30e3069efe6a742e0be"}, {"url": "https://git.kernel.org/stable/c/11ec79f5c7f74261874744039bc1551023edd6b2"}, {"url": "https://git.kernel.org/stable/c/c3496314c53e7e82ddb544c825defc3e8c0e45cf"}, {"url": "https://git.kernel.org/stable/c/ec4eea14d75f7b0491194dd413f540dd19b8c733"}, {"url": "https://git.kernel.org/stable/c/fa5ef655615a01533035c6139248c5b33aa27028"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix a segment issue when downgrading gso_size\n\nLinearize the skb when downgrading gso_size because it may trigger a\nBUG_ON() later when the skb is segmented as described in [1,2]."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.282", "versionStartIncluding": "4.13"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.224", "versionStartIncluding": "4.13"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.165", "versionStartIncluding": "4.13"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.103", "versionStartIncluding": "4.13"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6.44", "versionStartIncluding": "4.13"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.10.3", "versionStartIncluding": "4.13"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.11", "versionStartIncluding": "4.13"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:25:51.055Z"}}}, "cveMetadata": {"cveId": "CVE-2024-42281", "state": "PUBLISHED", "dateUpdated": "2025-05-04T09:25:51.055Z", "dateReserved": "2024-07-30T07:40:12.261Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-08-17T09:08:48.477Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D0447E20-FE60-4E4C-ACC0-5E5B7601924F", "versionEndExcluding": "5.4.282", "versionStartIncluding": "4.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5CCEDF13-293D-4E64-B501-4409D0365AFE", "versionEndExcluding": "5.10.224", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4E2B568-3171-41DE-B519-F2B1A3600D94", "versionEndExcluding": "5.15.165", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E45EAC72-8329-4F99-8276-86AF9BB3496A", "versionEndExcluding": "6.1.103", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "CC912330-6B41-4C6B-99AF-F3857FBACB6A", "versionEndExcluding": "6.6.44", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "92D388F2-1EAF-4CFA-AC06-5B26D762EA7D", "versionEndExcluding": "6.10.3", "versionStartIncluding": "6.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix a segment issue when downgrading gso_size\n\nLinearize the skb when downgrading gso_size because it may trigger a\nBUG_ON() later when the skb is segmented as described in [1,2]."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: soluciona un problema de segmento al degradar gso_size Lineariza el skb al degradar gso_size porque puede desencadenar un BUG_ON() m\u00e1s adelante cuando el skb se segmenta como se describe en [1,2]."}], "id": "CVE-2024-42281", "lastModified": "2025-10-02T18:33:25.860", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-08-17T09:15:09.013", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/11ec79f5c7f74261874744039bc1551023edd6b2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a689f5eb13a90f892a088865478b3cd39f53d5dc"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c3496314c53e7e82ddb544c825defc3e8c0e45cf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/dda518dea60d556a2d171c0122ca7d9fdb7d473a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ec4eea14d75f7b0491194dd413f540dd19b8c733"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f6bb8c90cab97a3e03f8d30e3069efe6a742e0be"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fa5ef655615a01533035c6139248c5b33aa27028"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: bpf: Fix a segment issue when downgrading gso_size", "id": "2305426", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305426"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H", "status": "draft"}, "cwe": "CWE-20", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nbpf: Fix a segment issue when downgrading gso_size\nLinearize the skb when downgrading gso_size because it may trigger a\nBUG_ON() later when the skb is segmented as described in [1,2].", "A denial of service vulnerability was found in the Linux kernel. Downgrading gso_size may trigger a crash, resulting in a loss of\u00a0system availability."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-42281", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-08-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-42281\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-42281\nhttps://lore.kernel.org/linux-cve-announce/2024081743-CVE-2024-42281-780b@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2025-07-13T11:32:11.494118+00:00", "updated": "2025-07-13T11:32:11.494173+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}