{"uuid": "0c65215d-5d43-4b19-87c2-0dd4187cf9dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41091", "type": "seen", "source": "https://t.me/cvedetector/1816", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41091 - Linux TUN Network Stack Ethernet Header Length Validation Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-41091 \nPublished : July 29, 2024, 7:15 a.m. | 17\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ntun: add missing verification for short frame  \n  \nThe cited commit missed to check against the validity of the frame length  \nin the tun_xdp_one() path, which could cause a corrupted skb to be sent  \ndownstack. Even before the skb is transmitted, the  \ntun_xdp_one-->eth_type_trans() may access the Ethernet header although it  \ncan be less than ETH_HLEN. Once transmitted, this could either cause  \nout-of-bound access beyond the actual length, or confuse the underlayer  \nwith incorrect or inconsistent header length in the skb metadata.  \n  \nIn the alternative path, tun_get_user() already prohibits short frame which  \nhas the length less than Ethernet header size from being transmitted for  \nIFF_TAP.  \n  \nThis is to drop any frame shorter than the Ethernet header size just like  \nhow tun_get_user() does.  \n  \nCVE: CVE-2024-41091 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-29T09:36:06.000000Z"}