cve 2024 23849

About this tag
CVE-2024-23849 is a Linux kernel vulnerability in the Reliable Datagram Sockets (RDS) protocol, specifically an off-by-one bounds-check error in the rds_recv_track_latency function. This flaw can lead to an out-of-bounds memory access and denial-of-service (system crash) on affected kernels up to and including version 6.7.1. RDS is a high-performance transport used primarily in clustered and RDMA-backed environments. Discussions on WindowsForum.com cover the technical details of the vulnerability, its impact, and potential mitigations for systems running the affected Linux kernels.
  1. Understanding CVE-2024-23849 Linux RDS kernel off-by-one DoS

    The Linux kernel flaw tracked as CVE-2024-23849 is a classic off-by-one bounds-check error in the RDS receive path that can produce an out‑of‑bounds memory access and a denial‑of‑service (system crash) on affected kernels up to and including 6.7.1. Background / Overview Reliable Datagram Sockets...