CVE-2024-40999 Information

Description

In the Linux kernel the following vulnerability has been resolved:

net: ena: Add validation for completion descriptors consistency

Validate that first flag is set only for the first descriptor in multi-buffer packets. In case of an invalid descriptor a reset will occur. A new reset reason for RX data corruption has been added.

Reference

https://git.kernel.org/stable/c/42146ee5286f16f1674a84f7c274dcca65c6ff2e https://git.kernel.org/stable/c/b37b98a3a0c1198bafe8c2d9ce0bc845b4e7a9a7