Home > Vulnerability Database > CVE-2024-11614

Mend.io Vulnerability Database

CVE-2024-11614

Date: December 18, 2024

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset.

Language: C

Severity Score

7.4

Related Resources (16)

Url: https://access.redhat.com/security/cve/CVE-2024-11614

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-11614

Url: https://access.redhat.com/errata/RHSA-2025:0208

Url: https://access.redhat.com/errata/RHSA-2025:0209

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2327955

Url: https://access.redhat.com/errata/RHSA-2025:3965

Url: https://access.redhat.com/errata/RHSA-2025:0222

Url: https://access.redhat.com/errata/RHSA-2025:0211

Url: https://access.redhat.com/errata/RHSA-2025:3963

Url: https://access.redhat.com/errata/RHSA-2025:0210

Url: https://access.redhat.com/errata/RHSA-2025:0221

Url: https://access.redhat.com/errata/RHSA-2025:3964

Url: http://www.openwall.com/lists/oss-security/2024/12/17/3

Url: https://access.redhat.com/errata/RHSA-2025:3970

Url: https://access.redhat.com/errata/RHSA-2025:0220

Url: https://www.mend.io/vulnerability-database/CVE-2024-11614

Severity Score

7.4

Weakness Type (CWE)

Out-of-bounds Read

CWE-125

CVSS v3.1

Base Score:	7.4
Attack Vector (AV):	ADJACENT_NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	CHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2024-11614

Date: December 18, 2024

Language: C

Severity Score

Related Resources (16)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?