CVE-2024-26857: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability was discovered in the Linux kernel's GENEVE (Generic Network Virtualization Encapsulation) network driver, identified as CVE-2024-26857. The issue was discovered by syzbot and affects the geneve_rx() function. The vulnerability was first reported on April 17, 2024, and impacts various Linux kernel versions (Kernel Git).

The vulnerability stems from improper handling of network headers in the geneverx() function. The issue is similar to a previously fixed vulnerability in ip6tunnel (commit 8d975c15c0cd). The bug occurs because the network header pointer needs to be saved in a temporary variable before calling pskbinetmaypull(), which might change skb->head. This leads to potential use of uninitialized values in the IPECN_decapsulate function (Kernel Git). The vulnerability has been assigned a CVSS v3.1 Base Score of 5.5 (MEDIUM) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can lead to a denial of service condition through system crashes when processing GENEVE network packets. The issue specifically affects systems using GENEVE tunneling functionality (NVD).

The vulnerability has been fixed in multiple Linux kernel versions through a patch that properly handles the network header pointer in geneverx(). The fix involves saving the network header offset before calling pskbinetmaypull() and recomputing it afterward. Various Linux distributions have released updates incorporating this fix (Debian LTS).