{"api_version":"1","generated_at":"2026-04-22T23:53:04+00:00","cve":"CVE-2024-0646","urls":{"html":"https://cve.report/CVE-2024-0646","api":"https://cve.report/api/cve/CVE-2024-0646.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2024-0646","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2024-0646"},"summary":{"title":"CVE-2024-0646","description":"Description unavailable.","state":"PUBLISHED","assigner":"","published_at":"2024-01-17 16:15:00","updated_at":"2024-03-13 15:15:00"},"problem_types":["CWE-787"],"metrics":[],"references":[{"url":"https://access.redhat.com/errata/RHSA-2024:1248","name":"RHSA-2024:1248","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2024:0851","name":"RHSA-2024:0851","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2253908","name":"RHBZ#2253908","refsource":"","tags":["Issue Tracking","Patch"],"title":"2253908 – (CVE-2024-0646) CVE-2024-0646 kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2024:0876","name":"RHSA-2024:0876","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2024:1278","name":"RHSA-2024:1278","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2024:0724","name":"RHSA-2024:0724","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2024:1269","name":"RHSA-2024:1269","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2024:1250","name":"RHSA-2024:1250","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2024:0897","name":"RHSA-2024:0897","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5a595000e267","name":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5a595000e267","refsource":"","tags":["Patch"],"title":"net: tls, update curr on splice as well - kernel/git/torvalds/linux.git - Linux kernel source tree","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2024:0723","name":"RHSA-2024:0723","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/security/cve/CVE-2024-0646","name":"https://access.redhat.com/security/cve/CVE-2024-0646","refsource":"","tags":["Third Party Advisory"],"title":"cve-details","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2024:0850","name":"RHSA-2024:0850","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2024:1268","name":"RHSA-2024:1268","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2024:0725","name":"RHSA-2024:0725","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2024:0881","name":"RHSA-2024:0881","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2024:1253","name":"RHSA-2024:1253","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2024:1251","name":"RHSA-2024:1251","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2024:1306","name":"RHSA-2024:1306","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2024-0646","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-0646","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2024","cve_id":"646","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"646","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.7","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"646","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.7","cpe7":"rc2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"646","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.7","cpe7":"rc3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"646","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.7","cpe7":"rc4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"646","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"646","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2024-0646","qid":"161372","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2024-12169)"},{"cve":"CVE-2024-0646","qid":"161402","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2024-0897)"},{"cve":"CVE-2024-0646","qid":"161417","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2024-1248)"},{"cve":"CVE-2024-0646","qid":"200116","title":"Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-6639-1)"},{"cve":"CVE-2024-0646","qid":"200131","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6648-1)"},{"cve":"CVE-2024-0646","qid":"200132","title":"Ubuntu Security Notification for Linux kernel (Azure) Vulnerabilities (USN-6652-1)"},{"cve":"CVE-2024-0646","qid":"200133","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6653-1)"},{"cve":"CVE-2024-0646","qid":"200134","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6651-1)"},{"cve":"CVE-2024-0646","qid":"200150","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6651-2)"},{"cve":"CVE-2024-0646","qid":"200151","title":"Ubuntu Security Notification for Linux kernel (Azure) Vulnerabilities (USN-6648-2)"},{"cve":"CVE-2024-0646","qid":"200152","title":"Ubuntu Security Notification for Linux kernel (AWS) Vulnerabilities (USN-6653-2)"},{"cve":"CVE-2024-0646","qid":"200157","title":"Ubuntu Security Notification for Linux kernel (StarFive) Vulnerabilities (USN-6651-3)"},{"cve":"CVE-2024-0646","qid":"200158","title":"Ubuntu Security Notification for Linux kernel (Low Latency) Vulnerabilities (USN-6653-3)"},{"cve":"CVE-2024-0646","qid":"200165","title":"Ubuntu Security Notification for Linux kernel (GKE) Vulnerabilities (USN-6653-4)"},{"cve":"CVE-2024-0646","qid":"242887","title":"Red Hat Update for kernel-rt (RHSA-2024:0725)"},{"cve":"CVE-2024-0646","qid":"242890","title":"Red Hat Update for kernel (RHSA-2024:0724)"},{"cve":"CVE-2024-0646","qid":"242908","title":"Red Hat Update for kernel (RHSA-2024:0723)"},{"cve":"CVE-2024-0646","qid":"242930","title":"Red Hat Update for kpatch-patch (RHSA-2024:0850)"},{"cve":"CVE-2024-0646","qid":"242931","title":"Red Hat Update for kpatch-patch (RHSA-2024:0851)"},{"cve":"CVE-2024-0646","qid":"242938","title":"Red Hat Update for kpatch-patch (RHSA-2024:0876)"},{"cve":"CVE-2024-0646","qid":"242939","title":"Red Hat Update for kernel (RHSA-2024:0897)"},{"cve":"CVE-2024-0646","qid":"242983","title":"Red Hat Update for kernel-rt (RHSA-2024:0881)"},{"cve":"CVE-2024-0646","qid":"243050","title":"Red Hat Update for kernel (RHSA-2024:1250)"},{"cve":"CVE-2024-0646","qid":"243052","title":"Red Hat Update for kernel (RHSA-2024:1248)"},{"cve":"CVE-2024-0646","qid":"243053","title":"Red Hat Update for kernel live patch module (RHSA-2024:1253)"},{"cve":"CVE-2024-0646","qid":"243054","title":"Red Hat Update for kpatch-patch (RHSA-2024:1251)"},{"cve":"CVE-2024-0646","qid":"243055","title":"Red Hat Update for kernel (RHSA-2024:1268)"},{"cve":"CVE-2024-0646","qid":"243057","title":"Red Hat Update for kpatch-patch (RHSA-2024:1278)"},{"cve":"CVE-2024-0646","qid":"243058","title":"Red Hat Update for kernel-rt (RHSA-2024:1269)"},{"cve":"CVE-2024-0646","qid":"243062","title":"Red Hat Update for kernel-rt (RHSA-2024:1306)"},{"cve":"CVE-2024-0646","qid":"243076","title":"Red Hat Update for kernel (RHSA-2024:1367)"},{"cve":"CVE-2024-0646","qid":"243078","title":"Red Hat Update for kpatch-patch (RHSA-2024:1368)"},{"cve":"CVE-2024-0646","qid":"243085","title":"Red Hat Update for kpatch-patch (RHSA-2024:1377)"},{"cve":"CVE-2024-0646","qid":"243087","title":"Red Hat Update for kernel (RHSA-2024:1404)"},{"cve":"CVE-2024-0646","qid":"243096","title":"Red Hat Update for kernel-rt (RHSA-2024:1382)"},{"cve":"CVE-2024-0646","qid":"357101","title":"Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.10-2024-048"},{"cve":"CVE-2024-0646","qid":"357105","title":"Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.15-2024-036"},{"cve":"CVE-2024-0646","qid":"357112","title":"Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2024-059"},{"cve":"CVE-2024-0646","qid":"357311","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2024-166"},{"cve":"CVE-2024-0646","qid":"357314","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2024-167"},{"cve":"CVE-2024-0646","qid":"357318","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2024-169"},{"cve":"CVE-2024-0646","qid":"6140032","title":"AWS Bottlerocket Security Update for kernel (GHSA-vp24-6cwh-5x5c)"},{"cve":"CVE-2024-0646","qid":"941584","title":"AlmaLinux Security Update for kernel (ALSA-2024:0897)"}]},"source_records":{"cve_program":null,"nvd":{"publishedDate":"2024-01-17 16:15:00","lastModifiedDate":"2024-03-13 15:15:00","problem_types":["CWE-787"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.7:rc2:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.7:rc3:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.7:rc4:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.7","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}