CVERadar

CVE-2024-11614

Medium Severity
SVRS: 30/100
CVSSv3: 7.4/10
EPSS: 0.00119/1

CVE-2024-11614: Out-of-bounds read vulnerability in DPDK Vhost library allows crashing hypervisor's vSwitch. A compromised guest can forge Virtio descriptors leading to out-of-bounds reads, causing a denial of service. This flaw enables an attacker controlling a malicious VM with a virtio driver to crash the vhost-user side by sending a crafted packet with a Tx checksum offload request and an invalid csum_start offset. While the CVSS score is 7.4, the SOCRadar Vulnerability Risk Score (SVRS) is 30, indicating a relatively lower immediate risk compared to critical vulnerabilities. However, the "In The Wild" tag suggests potential exploitation. This issue could destabilize virtualized environments and disrupt network services. Organizations using DPDK's Vhost library should apply necessary patches to prevent potential attacks.

Tags: In The Wild, x_refsource_REDHAT, vdb-entry, vendor-advisory, issue-tracking
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
2024-12-18

2025-04-17
SOCRadar AI Insight

Description

CVE-2024-11614 is an out-of-bounds read vulnerability in the Vhost library checksum offload feature of DPDK. This vulnerability could allow a malicious guest virtual machine (VM) to crash the hypervisor's vSwitch by manipulating Virtio descriptors, causing the vhost-user side to read outside of allocated memory. This is a serious vulnerability that can result in denial of service attacks and potentially lead to further system compromise.

While the CVSS score is 7.4, the SOCRadar Vulnerability Risk Score (SVRS) for this vulnerability is 30, indicating a moderate risk level. This discrepancy is due to the SVRS incorporating additional factors like threat actor activity, exploit availability, and real-world impact, which the CVSS does not consider.
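The guest-controlled inputs behind this bug are the csum_start and csum_offset fields of the virtio_net_hdr that precedes each Tx packet, as the summary above notes. The following is an added illustration, not DPDK's vhost code, of the bounds check a vhost-user backend must apply before touching packet memory at csum_start; the struct mirrors the virtio spec layout, and the packet bytes and header values are constructed for the example.

```c
#include <stdint.h>
#include <stdbool.h>
/* Leading fields of a virtio_net_hdr as the virtio spec lays them out (illustration, not DPDK's). */
#define VIRTIO_NET_HDR_F_NEEDS_CSUM 1
struct virtio_net_hdr_min {
    uint8_t  flags;
    uint8_t  gso_type;
    uint16_t hdr_len, gso_size;
    uint16_t csum_start;   /* guest-controlled: where checksumming begins */
    uint16_t csum_offset;  /* guest-controlled: where the csum is stored, from csum_start */
};
/* True only if every byte the offload request refers to lies inside the pkt_len data bytes. */
bool csum_offload_request_is_valid(const struct virtio_net_hdr_min *hdr, uint32_t pkt_len)
{
    uint32_t start = hdr->csum_start, store_end = start + hdr->csum_offset + 2u; /* 32-bit: no wrap */
    return start < pkt_len && store_end <= pkt_len;
}
/* Internet (one's complement) checksum over an even number of bytes. */
uint16_t ones_complement_csum(const uint8_t *p, uint32_t len)
{
    uint32_t sum = 0;
    for (uint32_t i = 0; i + 1 < len; i += 2)
        sum += ((uint32_t)p[i] << 8) | p[i + 1];
    while (sum >> 16)
        sum = (sum & 0xFFFF) + (sum >> 16);
    return (uint16_t)~sum;
}
/* Backend handling of one Tx packet: the checksum computed from csum_start, 0 when no
 * offload was requested, or -1 when the request is rejected and the packet dropped. */
int handle_tx_csum_request(const struct virtio_net_hdr_min *hdr, const uint8_t *data, uint32_t pkt_len)
{
    if (!(hdr->flags & VIRTIO_NET_HDR_F_NEEDS_CSUM))
        return 0;
    if (!csum_offload_request_is_valid(hdr, pkt_len))
        return -1;  /* an out-of-range csum_start is refused, never dereferenced */
    return ones_complement_csum(data + hdr->csum_start, pkt_len - hdr->csum_start);
}
/* Constructed 20-byte packet and three guest headers: a valid request, a csum_start past
 * the data, and a csum_offset whose 2-byte store would spill past the end. */
int demo_case(int which)
{
    static const uint8_t pkt[20] = { [14] = 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc };
    const struct virtio_net_hdr_min hdrs[3] = {
        { .flags = 1, .csum_start = 14, .csum_offset = 4 },
        { .flags = 1, .csum_start = 0xFFFF, .csum_offset = 0 },
        { .flags = 1, .csum_start = 14, .csum_offset = 5 },
    };
    return handle_tx_csum_request(&hdrs[which], pkt, sizeof pkt);
}
```

Only the first constructed header passes; the other two are exactly the kind of forged offsets that must be dropped rather than read.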

Key Insights

  • Exploitable by Untrusted Guests: This vulnerability allows malicious guests to exploit the hypervisor's vSwitch, potentially leading to denial-of-service attacks and other security breaches.
  • Potential for System Compromise: While the primary impact is a denial-of-service, this vulnerability can create opportunities for attackers to gain further access to the system.
  • Limited Public Information: There are currently no known threat actors actively exploiting CVE-2024-11614, and no active exploits have been publicly reported. However, the vulnerability's nature poses a significant risk.

Mitigation Strategies

  • Patching: Implement the latest security patches for DPDK to address this vulnerability. This is the most critical step in mitigating this vulnerability.
  • Virtualization Security: Employ robust security measures for virtualized environments. This includes strong password policies, network segmentation, and appropriate isolation techniques for guest VMs.
  • Vulnerability Monitoring: Implement tools to monitor for potential exploits related to CVE-2024-11614 and other vulnerabilities.
  • Security Awareness: Train users to be vigilant against malicious activity and to report suspicious behavior.

Additional Information

If you have further questions or require additional information regarding this incident, please use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for assistance.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

CVE-2024-11614 | DPDK Vhost Library Checksum Offload out-of-bounds (vuldb.com, 2024-12-17)
A vulnerability was found in DPDK and classified as critical. This issue affects some unknown processing of the component Vhost Library Checksum Offload Handler. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2024-11614. Local access is required to approach this attack. There is no exploit

CVE-2024-11614: DPDK Vhost Rx checksum vulnerability (seclists.org, 2024-12-17)
Posted by Maxime Coquelin on Dec 17. A vulnerability was fixed in DPDK. Some downstream stakeholders were warned in advance through security-prerelease () dpdk org in order to coordinate the release of fixes and reduce the vulnerability window [0]. A malicious guest using a virtio driver can cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and

Social Media

CVE-2024-11614 An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hype… https://t.co/ycLu1ZvZiF

Affected Software

No affected software found for this CVE

References

Reference | Link
oss-security list post | http://www.openwall.com/lists/oss-security/2024/12/17/3
Red Hat CVE page | https://access.redhat.com/security/cve/CVE-2024-11614
RHBZ#2327955 | https://bugzilla.redhat.com/show_bug.cgi?id=2327955
RHSA-2025:0208 | https://access.redhat.com/errata/RHSA-2025:0208
RHSA-2025:0209 | https://access.redhat.com/errata/RHSA-2025:0209
RHSA-2025:0210 | https://access.redhat.com/errata/RHSA-2025:0210
RHSA-2025:0211 | https://access.redhat.com/errata/RHSA-2025:0211
RHSA-2025:0220 | https://access.redhat.com/errata/RHSA-2025:0220
RHSA-2025:0221 | https://access.redhat.com/errata/RHSA-2025:0221
RHSA-2025:0222 | https://access.redhat.com/errata/RHSA-2025:0222
RHSA-2025:3963 | https://access.redhat.com/errata/RHSA-2025:3963
RHSA-2025:3964 | https://access.redhat.com/errata/RHSA-2025:3964
RHSA-2025:3965 | https://access.redhat.com/errata/RHSA-2025:3965
RHSA-2025:3970 | https://access.redhat.com/errata/RHSA-2025:3970

CWE Details

CWE ID | CWE Name | Description
CWE-125 | Out-of-bounds Read | The software reads data past the end, or before the beginning, of the intended buffer.
