CVE-2024-58099

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Apr 29, 2025

Updated: May 9, 2025

CWE ID 787

Summary

CVE-2024-58099 is a vulnerability affecting the Linux kernel's vmxnet3 driver. Reported by Andrew and Nikolay, this issue arises when a BPF program for native XDP adds an encapsulation header like IPIP and transmits the packet out the same interface using vmxnet3. In such cases, the vmxnet3_xdp_xmit_frame() function calculates an incorrect DMA address, leading to packet corruption and subsequent dropping on the path. The assumption of a fixed offset (VMXNET3_XDP_HEADROOM) in the function is incorrect, as the XDP BPF program could have moved xdp->data. To rectify this, the dma_addr needs to have a dynamic offset which can be calculated as xdpf->data - (void *)xdpf, that is, xdp->data - xdp->data_hard_start.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Linux Kernel

Affected Vendors

LINUX

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners