CVE-2024-11614 HIGH

CVE-2024-11614: Dpdk: denial of service from malicious guest on hypervisors using dpdk vhost library

Vendor Red Hat
Product Fast Datapath for RHEL 7
Weakness CWE-125
Published December 18, 2024
Last update November 20, 2025

CVSS base score

7.4/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

What the vulnerability does

01Description

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset.

Key dates

02Disclosure timeline

December 18, 2024 CVE published
November 20, 2025 Record updated