{"id":"AZL-68252","summary":"CVE-2024-40999 affecting package kernel 5.15.200.1-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ena: Add validation for completion descriptors consistency\n\nValidate that `first` flag is set only for the first\ndescriptor in multi-buffer packets.\nIn case of an invalid descriptor, a reset will occur.\nA new reset reason for RX data corruption has been added.","modified":"2026-04-01T05:21:23.378334Z","published":"2024-07-12T13:15:20Z","upstream":["CVE-2024-40999"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-40999"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"5.15.200.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-68252.json"}}],"schema_version":"1.7.5"}