cve 2024 0646

About this tag
CVE-2024-0646 is a critical Linux kernel vulnerability involving an out-of-bounds write in the kTLS splice path. When the splice() syscall is used with a kTLS socket as the destination, the kernel can write past allocated memory, potentially causing system crashes or enabling local privilege escalation. This flaw affects the intersection of high-performance I/O and kernel TLS offload, and it has been confirmed by multiple vendors. System administrators and security professionals should prioritize patching affected kernels to mitigate the risk of exploitation.
  1. CVE-2024-0646: Kernel OOB write in kTLS splice path risks crash

    A critical Linux-kernel flaw tracked as CVE-2024-0646 allows the kernel’s kTLS path to write past intended memory bounds when a user calls splice() with a kTLS socket as the destination, producing out‑of‑bounds writes that can crash the system or — in the worst case — be weaponized for local...