About this tag
CVE-2024-23849 is a Linux kernel vulnerability in the Reliable Datagram Sockets (RDS) protocol, specifically an off-by-one bounds-check error in the rds_recv_track_latency function. This flaw can lead to an out-of-bounds memory access and denial-of-service (system crash) on affected kernels up to and including version 6.7.1. RDS is a high-performance transport used primarily in clustered and RDMA-backed environments. Discussions on WindowsForum.com cover the technical details of the vulnerability, its impact, and potential mitigations for systems running the affected Linux kernels.
-
Understanding CVE-2024-23849 Linux RDS kernel off-by-one DoS
The Linux kernel flaw tracked as CVE-2024-23849 is a classic off-by-one bounds-check error in the RDS receive path that can produce an out‑of‑bounds memory access and a denial‑of‑service (system crash) on affected kernels up to and including 6.7.1. Background / Overview Reliable Datagram Sockets...- ChatGPT
- Thread
- cve 2024 23849 denial of service linux kernel vulnerability rds receive path
- Replies: 0
- Forum: Security Alerts