{
  "threat_severity" : "Low",
  "public_date" : "2024-05-01T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: tun: limit printing rate when illegal packet received by tun dev",
    "id" : "2278270",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2278270"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\ntun: limit printing rate when illegal packet received by tun dev\nvhost_worker will call tun call backs to receive packets. If too many\nillegal packets arrives, tun_do_read will keep dumping packet contents.\nWhen console is enabled, it will costs much more cpu time to dump\npacket and soft lockup will be detected.\nnet_ratelimit mechanism can be used to limit the dumping rate.\nPID: 33036    TASK: ffff949da6f20000  CPU: 23   COMMAND: \"vhost-32980\"\n#0 [fffffe00003fce50] crash_nmi_callback at ffffffff89249253\n#1 [fffffe00003fce58] nmi_handle at ffffffff89225fa3\n#2 [fffffe00003fceb0] default_do_nmi at ffffffff8922642e\n#3 [fffffe00003fced0] do_nmi at ffffffff8922660d\n#4 [fffffe00003fcef0] end_repeat_nmi at ffffffff89c01663\n[exception RIP: io_serial_in+20]\nRIP: ffffffff89792594  RSP: ffffa655314979e8  RFLAGS: 00000002\nRAX: ffffffff89792500  RBX: ffffffff8af428a0  RCX: 0000000000000000\nRDX: 00000000000003fd  RSI: 0000000000000005  RDI: ffffffff8af428a0\nRBP: 0000000000002710   R8: 0000000000000004   R9: 000000000000000f\nR10: 0000000000000000  R11: ffffffff8acbf64f  R12: 0000000000000020\nR13: ffffffff8acbf698  R14: 0000000000000058  R15: 0000000000000000\nORIG_RAX: ffffffffffffffff  CS: 0010  SS: 0018\n#5 [ffffa655314979e8] io_serial_in at ffffffff89792594\n#6 [ffffa655314979e8] wait_for_xmitr at ffffffff89793470\n#7 [ffffa65531497a08] serial8250_console_putchar at ffffffff897934f6\n#8 [ffffa65531497a20] uart_console_write at ffffffff8978b605\n#9 [ffffa65531497a48] serial8250_console_write at ffffffff89796558\n#10 [ffffa65531497ac8] console_unlock at ffffffff89316124\n#11 [ffffa65531497b10] vprintk_emit at ffffffff89317c07\n#12 [ffffa65531497b68] printk at ffffffff89318306\n#13 [ffffa65531497bc8] print_hex_dump at ffffffff89650765\n#14 [ffffa65531497ca8] tun_do_read at ffffffffc0b06c27 [tun]\n#15 [ffffa65531497d38] tun_recvmsg at ffffffffc0b06e34 [tun]\n#16 [ffffa65531497d68] handle_rx at ffffffffc0c5d682 [vhost_net]\n#17 [ffffa65531497ed0] vhost_worker at ffffffffc0c644dc [vhost]\n#18 [ffffa65531497f10] kthread at ffffffff892d2e72\n#19 [ffffa65531497f50] ret_from_fork at ffffffff89c0022f", "In the Linux kernel, the following vulnerability has been resolved:\ntun: limit printing rate when illegal packet received by tun dev\nThe Linux kernel CVE team has assigned CVE-2024-27013 to this issue.\nUpstream advisory:\nhttps://lore.kernel.org/linux-cve-announce/2024050149-CVE-2024-27013-2c26@gregkh/T" ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-09-24T00:00:00Z",
    "advisory" : "RHSA-2024:7001",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8::nfv",
    "package" : "kernel-rt-0:4.18.0-553.22.1.rt7.363.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-09-24T00:00:00Z",
    "advisory" : "RHSA-2024:7000",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-553.22.1.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-11-12T00:00:00Z",
    "advisory" : "RHSA-2024:9315",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-503.11.1.el9_5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-11-12T00:00:00Z",
    "advisory" : "RHSA-2024:9315",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-503.11.1.el9_5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support",
    "release_date" : "2025-05-28T00:00:00Z",
    "advisory" : "RHSA-2025:8248",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.4",
    "package" : "kernel-0:5.14.0-427.70.1.el9_4"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-27013\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-27013\nhttps://lore.kernel.org/linux-cve-announce/2024050149-CVE-2024-27013-2c26@gregkh/T" ],
  "name" : "CVE-2024-27013",
  "csaw" : false
}