CVE-2024-1151 is a stack-based buffer overflow vulnerability identified in the Open vSwitch (OVS) sub-component of the Linux kernel, specifically affecting Red Hat Enterprise Linux 9. The vulnerability occurs due to a recursive operation within the OVS code push function that does not validate the depth of recursive calls. This unchecked recursion causes the system to push an excessive number of stack frames, leading to a stack overflow condition. The overflow can trigger a kernel crash or other related stability issues, resulting in denial of service (DoS). The vulnerability requires local access with low privileges and does not require user interaction, making it exploitable by authenticated users or processes on the affected system. The CVSS v3.1 score is 5.5 (medium severity), reflecting the limited scope of impact—no confidentiality or integrity loss is involved, only availability is affected. There are currently no known exploits in the wild targeting this vulnerability. The flaw is rooted in the kernel's OVS module, which is commonly used in virtualized and cloud environments to manage network switching. The absence of patch links suggests that fixes may be forthcoming or in progress. The vulnerability was publicly disclosed on February 11, 2024, with the Red Hat security team as the assigner.

The primary impact of CVE-2024-1151 is denial of service through system crashes caused by stack overflow in the kernel's OVS module. This can disrupt network operations, especially in environments relying heavily on Open vSwitch for virtual networking, such as cloud service providers, data centers, and enterprise virtualized infrastructures. While confidentiality and integrity remain unaffected, availability degradation can lead to significant operational downtime, impacting business continuity and service reliability. Organizations using Red Hat Enterprise Linux 9 with OVS enabled are at risk of local attackers or compromised users causing system instability or outages. The vulnerability does not allow privilege escalation or remote code execution, limiting its exploitation scope but still posing a threat to system stability and uptime.

To mitigate CVE-2024-1151, organizations should monitor Red Hat advisories closely and apply kernel updates or patches addressing the OVS stack overflow as soon as they become available. Until patches are deployed, restricting local access to trusted users and processes can reduce exploitation risk. Disabling or limiting the use of Open vSwitch where feasible can also minimize exposure. Implementing kernel-level security modules such as SELinux or AppArmor with strict policies on OVS operations may help contain potential misuse. Regularly auditing system logs for unusual OVS activity or crashes can provide early detection of exploitation attempts. Additionally, testing patches in staging environments before production deployment ensures stability and compatibility. Network segmentation and limiting administrative access further reduce the attack surface related to local privilege exploitation.