Vulnerability identifier: #VU91433

Vulnerability risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26861

CWE-ID: CWE-366

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to manipulate data.

The vulnerability exists due to a data race within the decrypt_packet(), counter_validate() and wg_packet_rx_poll() functions in drivers/net/wireguard/receive.c. A local user can manipulate data.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel:

---

External links
http://git.kernel.org/stable/c/f87884e0dffd61b47e58bc6e1e2f6843c212b0cc
http://git.kernel.org/stable/c/d691be84ab898cf136a35176eaf2f8fc116563f0
http://git.kernel.org/stable/c/45a83b220c83e3c326513269afbf69ae6fc65cce
http://git.kernel.org/stable/c/78739d72f16b2d7d549f713f1dfebd678d32484b
http://git.kernel.org/stable/c/3f94da807fe1668b9830f0eefbbf7e887b0a7bc6
http://git.kernel.org/stable/c/fdf16de078a97bf14bb8ee2b8d47cc3d3ead09ed
http://git.kernel.org/stable/c/bba045dc4d996d03dce6fe45726e78a1a1f6d4c3

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.