Description
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_payload: sanitize offset and length before calling skb_checksum()
If access to offset + length is larger than the skbuff length, then
skb_checksum() triggers BUG_ON().
skb_checksum() internally subtracts the length parameter while iterating
over skbuff, BUG_ON(len) at the end of it checks that the expected
length to be included in the checksum calculation is fully consumed.
netfilter: nft_payload: sanitize offset and length before calling skb_checksum()
If access to offset + length is larger than the skbuff length, then
skb_checksum() triggers BUG_ON().
skb_checksum() internally subtracts the length parameter while iterating
over skbuff, BUG_ON(len) at the end of it checks that the expected
length to be included in the checksum calculation is fully consumed.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Linux | Linux | unaffected |
|
|||||||||||||||||||||||||||||||||
| Linux | Linux | affected |
|
Configuration 1 [-]
|
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| Red Hat Enterprise Linux 9 | |||
| kernel-0:5.14.0-503.16.1.el9_5 | cpe:/a:redhat:enterprise_linux:9 | RHSA-2024:10939 | 2024-12-11T00:00:00Z |
| kernel-0:5.14.0-503.16.1.el9_5 | cpe:/o:redhat:enterprise_linux:9 | RHSA-2024:10939 | 2024-12-11T00:00:00Z |
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 Debian DLA |
DLA-4008-1 | linux-6.1 security update |
| Debian DLA |
DLA-4075-1 | linux security update |
 Debian DSA |
DSA-5818-1 | linux security update |
 Ubuntu USN |
USN-7276-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7277-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7288-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7288-2 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7289-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7289-2 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7289-3 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7289-4 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7291-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7293-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7294-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7294-2 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7294-3 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7294-4 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7295-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7305-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7308-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7310-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7331-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7388-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7389-1 | Linux kernel (NVIDIA Tegra) vulnerabilities |
| Ubuntu USN |
USN-7390-1 | Linux kernel (Xilinx ZynqMP) vulnerabilities |
| Ubuntu USN |
USN-7393-1 | Linux kernel (FIPS) vulnerabilities |
| Ubuntu USN |
USN-7401-1 | Linux kernel (AWS) vulnerabilities |
| Ubuntu USN |
USN-7413-1 | Linux kernel (IoT) vulnerabilities |
| Ubuntu USN |
USN-7449-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7449-2 | Linux kernel (HWE) vulnerabilities |
| Ubuntu USN |
USN-7450-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7451-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7452-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7453-1 | Linux kernel (Real-time) vulnerabilities |
| Ubuntu USN |
USN-7458-1 | Linux kernel (IBM) vulnerabilities |
| Ubuntu USN |
USN-7468-1 | Linux kernel (Azure, N-Series) vulnerabilities |
| Ubuntu USN |
USN-7523-1 | Linux kernel (Raspberry Pi Real-time) vulnerabilities |
| Ubuntu USN |
USN-7524-1 | Linux kernel (Raspberry Pi) vulnerabilities |
| Ubuntu USN |
USN-7539-1 | Linux kernel (Raspberry Pi) vulnerabilities |
| Ubuntu USN |
USN-7540-1 | Linux kernel (Raspberry Pi) vulnerabilities |
References
History
Tue, 12 May 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Mon, 03 Nov 2025 23:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Mon, 03 Nov 2025 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Wed, 16 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Thu, 12 Dec 2024 02:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Redhat
Redhat enterprise Linux |
|
| CPEs | cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9 |
|
| Vendors & Products |
Redhat
Redhat enterprise Linux |
Fri, 22 Nov 2024 14:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
| |
| Metrics |
threat_severity
|
threat_severity
|
Fri, 22 Nov 2024 12:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Thu, 14 Nov 2024 18:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Linux
Linux linux Kernel |
|
| Weaknesses | NVD-CWE-noinfo | |
| CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:* |
|
| Vendors & Products |
Linux
Linux linux Kernel |
|
| Metrics |
cvssV3_1
|
Sat, 09 Nov 2024 10:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() If access to offset + length is larger than the skbuff length, then skb_checksum() triggers BUG_ON(). skb_checksum() internally subtracts the length parameter while iterating over skbuff, BUG_ON(len) at the end of it checks that the expected length to be included in the checksum calculation is fully consumed. | |
| Title | netfilter: nft_payload: sanitize offset and length before calling skb_checksum() | |
| References |
|
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published:
Updated: 2026-05-12T12:00:38.265Z
Reserved: 2024-10-21T19:36:19.979Z
Link: CVE-2024-50251
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-11-09T11:15:10.900
Modified: 2026-05-12T13:16:20.030
Link: CVE-2024-50251
Redhat
OpenCVE Enrichment
No data.
Weaknesses