CVE-2024-11614
Description
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
DPDK Vhost library checksum offload out-of-bounds read allows a malicious VM to crash the hypervisor vSwitch.
Vulnerability
The vulnerability (CVE-2024-11614) is an out-of-bounds read in DPDK's Vhost library, specifically within the checksum offload feature. The root cause is improper validation of a csum_start offset from untrusted Virtio descriptors. [1]
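A sketch of the validation the paragraph above says was missing, added here as an example; it is not DPDK's code or its fix. The names `vnet_hdr`, `apply_tx_csum` and `inet_csum` are hypothetical, the field names follow the virtio specification's `virtio_net_hdr`, and the packet is assumed to sit in one contiguous buffer.

```c
#include <stddef.h>
#include <stdint.h>

#define VNET_HDR_F_NEEDS_CSUM 1 /* same value as VIRTIO_NET_HDR_F_NEEDS_CSUM */

/* Guest-controlled fields (subset of the virtio spec's virtio_net_hdr). */
struct vnet_hdr {
    uint8_t  flags;
    uint16_t csum_start;   /* offset at which checksumming begins */
    uint16_t csum_offset;  /* where to store the result, relative to csum_start */
};

/* 16-bit one's-complement checksum over buf[0..len). */
static uint16_t inet_csum(const uint8_t *buf, size_t len)
{
    uint32_t sum = 0;
    size_t i;
    for (i = 0; i + 1 < len; i += 2)
        sum += (uint32_t)buf[i] << 8 | buf[i + 1];
    if (i < len)                      /* odd trailing byte */
        sum += (uint32_t)buf[i] << 8;
    while (sum >> 16)                 /* fold carries */
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Returns 0 on success or when no offload is requested,
 * -1 when the guest's offsets fall outside the packet. */
int apply_tx_csum(uint8_t *pkt, size_t pkt_len, const struct vnet_hdr *hdr)
{
    if (!(hdr->flags & VNET_HDR_F_NEEDS_CSUM))
        return 0;
    /* size_t arithmetic: two uint16_t values plus 2 cannot wrap. */
    size_t start = hdr->csum_start;
    size_t field = start + hdr->csum_offset;
    if (start >= pkt_len || field + 2 > pkt_len)
        return -1;                    /* reject before any read or write */
    /* Sum runs from csum_start to the end of the packet, including
     * whatever the guest already placed in the checksum field. */
    uint16_t c = inet_csum(pkt + start, pkt_len - start);
    pkt[field] = (uint8_t)(c >> 8);
    pkt[field + 1] = (uint8_t)c;
    return 0;
}
```

Both the start offset and the two-byte checksum field are checked against the packet length, so a request is dropped before the backend touches memory the guest did not supply.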
Exploitation
An attacker who controls a guest VM with a virtio driver can send a crafted packet that requests Tx checksum offload with an invalid csum_start offset. This triggers an out-of-bounds read in the vhost-user backend running in the hypervisor. No authentication beyond guest access is required. [2]
Impact
Successful exploitation causes the hypervisor's vSwitch process to crash, resulting in denial of service. The attacker can disrupt network connectivity for other VMs and potentially destabilize the host. No code execution or data leakage is indicated beyond the read itself. [3]
Mitigation
Red Hat has issued errata (RHSA-2025:0210, RHSA-2025:0209, RHSA-2025:0208, RHSA-2025:0220) to address this flaw. Users should update the affected DPDK packages to the fixed versions provided in those advisories. [4]
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0
No patches discovered yet.
References: 14
- www.openwall.com/lists/oss-security/2024/12/17/3 (nvd)
- access.redhat.com/errata/RHSA-2025:0208 (nvd)
- access.redhat.com/errata/RHSA-2025:0209 (nvd)
- access.redhat.com/errata/RHSA-2025:0210 (nvd)
- access.redhat.com/errata/RHSA-2025:0211 (nvd)
- access.redhat.com/errata/RHSA-2025:0220 (nvd)
- access.redhat.com/errata/RHSA-2025:0221 (nvd)
- access.redhat.com/errata/RHSA-2025:0222 (nvd)
- access.redhat.com/errata/RHSA-2025:3963 (nvd)
- access.redhat.com/errata/RHSA-2025:3964 (nvd)
- access.redhat.com/errata/RHSA-2025:3965 (nvd)
- access.redhat.com/errata/RHSA-2025:3970 (nvd)
- access.redhat.com/security/cve/CVE-2024-11614 (nvd)
- bugzilla.redhat.com/show_bug.cgi (nvd)