CVE-2024-11614
DPDK: denial of service from malicious guest on hypervisors using DPDK vhost library
| CVSS Score | 7.4 |
| EPSS Score | 0.0% |
| EPSS Percentile | 0th |
An out-of-bounds read vulnerability was found in the checksum offload feature of DPDK's Vhost library. An untrusted or compromised guest can crash the hypervisor's vSwitch by forging Virtio descriptors that cause out-of-bounds reads. Specifically, an attacker with a malicious VM using a virtio driver can crash the vhost-user side by sending a packet with a Tx checksum offload request and an invalid csum_start offset.
| CWE | CWE-125 |
| Published | Dec 18, 2024 |
| Last Updated | Nov 20, 2025 |
CVSS v3 Breakdown
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Affected Versions
| Red Hat / Fast Datapath for Red Hat Enterprise Linux 8 | All versions affected |
| Red Hat / Fast Datapath for Red Hat Enterprise Linux 9 | All versions affected |
| Red Hat / Fast Datapath for Red Hat Enterprise Linux 9 | All versions affected |
| Red Hat / Fast Datapath for Red Hat Enterprise Linux 9 | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8 | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8.6 Telecommunications Update Service | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | All versions affected |
| Red Hat / Red Hat Enterprise Linux 8.8 Extended Update Support | All versions affected |
| Red Hat / Red Hat Enterprise Linux 9 | All versions affected |
| Red Hat / Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | All versions affected |
| Red Hat / Red Hat Enterprise Linux 9.2 Extended Update Support | All versions affected |
| Red Hat / Red Hat Enterprise Linux 9.4 Extended Update Support | All versions affected |
| Red Hat / Fast Datapath for RHEL 7 | All versions affected |
| Red Hat / Fast Datapath for RHEL 7 | All versions affected |
| Red Hat / Fast Datapath for RHEL 7 | All versions affected |
| Red Hat / Fast Datapath for RHEL 7 | All versions affected |
| Red Hat / Fast Datapath for RHEL 7 | All versions affected |
| Red Hat / Fast Datapath for RHEL 8 | All versions affected |
| Red Hat / Fast Datapath for RHEL 8 | All versions affected |
| Red Hat / Fast Datapath for RHEL 8 | All versions affected |
| Red Hat / Fast Datapath for RHEL 8 | All versions affected |
| Red Hat / Fast Datapath for RHEL 8 | All versions affected |
| Red Hat / Fast Datapath for RHEL 8 | All versions affected |
| Red Hat / Fast Datapath for RHEL 9 | All versions affected |
| Red Hat / Fast Datapath for RHEL 9 | All versions affected |
| Red Hat / Fast Datapath for RHEL 9 | All versions affected |
| Red Hat / Red Hat OpenShift Container Platform 4 | All versions affected |
| Red Hat / Red Hat OpenShift Container Platform 4 | All versions affected |
| Red Hat / Red Hat OpenShift Container Platform 4 | All versions affected |
| Red Hat / Red Hat OpenShift Container Platform 4 | All versions affected |

References
- access.redhat.com: https://access.redhat.com/errata/RHSA-2025:0208
- access.redhat.com: https://access.redhat.com/errata/RHSA-2025:0209
- access.redhat.com: https://access.redhat.com/errata/RHSA-2025:0210
- access.redhat.com: https://access.redhat.com/errata/RHSA-2025:0211
- access.redhat.com: https://access.redhat.com/errata/RHSA-2025:0220
- access.redhat.com: https://access.redhat.com/errata/RHSA-2025:0221
- access.redhat.com: https://access.redhat.com/errata/RHSA-2025:0222
- access.redhat.com: https://access.redhat.com/errata/RHSA-2025:3963
- access.redhat.com: https://access.redhat.com/errata/RHSA-2025:3964
- access.redhat.com: https://access.redhat.com/errata/RHSA-2025:3965
- access.redhat.com: https://access.redhat.com/errata/RHSA-2025:3970
- access.redhat.com: https://access.redhat.com/security/cve/CVE-2024-11614
- bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2327955
- openwall.com: http://www.openwall.com/lists/oss-security/2024/12/17/3