CVE-2024-45030: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-45030 affects the Linux kernel's igb driver, specifically related to handling large MAXSKBFRAG values. The vulnerability was discovered when setting MAXSKBFRAG to 45 caused payload corruption on TX, while the driver worked correctly with MAXSKBFRAGS=17. This issue was initially reported in the Linux kernel and affects versions from 6.4 up to (excluding) 6.6.48, versions from 6.7 up to (excluding) 6.10.7, and various 6.11 release candidates (NVD).

The root cause of the vulnerability lies in the igb driver's improper handling of shared info size when selecting the ring layout. The driver attempts to fit two packets inside the same 4K page even when the first fraglist extends beyond the second head. This issue stems from not properly accounting for potentially large shared info sizes in the ring layout selection process. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can result in payload corruption during transmission when using the igb driver with large MAXSKBFRAG values. This corruption is reproducible by attempting to establish SSH connections to the affected machine, where connections fail with MAXSKBFRAGS=45 but succeed with MAXSKBFRAGS=17 (Kernel Patch).

The issue has been addressed by adding a check to determine if 2K buffers are insufficient. The fix has been implemented in the Linux kernel through patches that modify the igb_main.c file. Ubuntu has released fixes for various versions including 24.04 LTS (noble), and multiple cloud-specific kernel variants (Ubuntu Notice).