CVE-2024-26741
Vulnerability from cvelistv5
Published
2024-04-03 17:00
Modified
2024-12-19 08:46
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished(). syzkaller reported a warning [0] in inet_csk_destroy_sock() with no repro. WARN_ON(inet_sk(sk)->inet_num && !inet_csk(sk)->icsk_bind_hash); However, the syzkaller's log hinted that connect() failed just before the warning due to FAULT_INJECTION. [1] When connect() is called for an unbound socket, we search for an available ephemeral port. If a bhash bucket exists for the port, we call __inet_check_established() or __inet6_check_established() to check if the bucket is reusable. If reusable, we add the socket into ehash and set inet_sk(sk)->inet_num. Later, we look up the corresponding bhash2 bucket and try to allocate it if it does not exist. Although it rarely occurs in real use, if the allocation fails, we must revert the changes by check_established(). Otherwise, an unconnected socket could illegally occupy an ehash entry. Note that we do not put tw back into ehash because sk might have already responded to a packet for tw and it would be better to free tw earlier under such memory presure. [0]: WARNING: CPU: 0 PID: 350830 at net/ipv4/inet_connection_sock.c:1193 inet_csk_destroy_sock (net/ipv4/inet_connection_sock.c:1193) Modules linked in: Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 RIP: 0010:inet_csk_destroy_sock (net/ipv4/inet_connection_sock.c:1193) Code: 41 5c 41 5d 41 5e e9 2d 4a 3d fd e8 28 4a 3d fd 48 89 ef e8 f0 cd 7d ff 5b 5d 41 5c 41 5d 41 5e e9 13 4a 3d fd e8 0e 4a 3d fd <0f> 0b e9 61 fe ff ff e8 02 4a 3d fd 4c 89 e7 be 03 00 00 00 e8 05 RSP: 0018:ffffc9000b21fd38 EFLAGS: 00010293 RAX: 0000000000000000 RBX: 0000000000009e78 RCX: ffffffff840bae40 RDX: ffff88806e46c600 RSI: ffffffff840bb012 RDI: ffff88811755cca8 RBP: ffff88811755c880 R08: 0000000000000003 R09: 0000000000000000 R10: 0000000000009e78 R11: 0000000000000000 R12: ffff88811755c8e0 R13: ffff88811755c892 R14: ffff88811755c918 R15: 0000000000000000 FS: 00007f03e5243800(0000) GS:ffff88811ae00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000001b32f21000 CR3: 0000000112ffe001 CR4: 0000000000770ef0 PKRU: 55555554 Call Trace: <TASK> ? inet_csk_destroy_sock (net/ipv4/inet_connection_sock.c:1193) dccp_close (net/dccp/proto.c:1078) inet_release (net/ipv4/af_inet.c:434) __sock_release (net/socket.c:660) sock_close (net/socket.c:1423) __fput (fs/file_table.c:377) __fput_sync (fs/file_table.c:462) __x64_sys_close (fs/open.c:1557 fs/open.c:1539 fs/open.c:1539) do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129) RIP: 0033:0x7f03e53852bb Code: 03 00 00 00 0f 05 48 3d 00 f0 ff ff 77 41 c3 48 83 ec 18 89 7c 24 0c e8 43 c9 f5 ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 c9 f5 ff 8b 44 RSP: 002b:00000000005dfba0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f03e53852bb RDX: 0000000000000002 RSI: 0000000000000002 RDI: 0000000000000003 RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000167c R10: 0000000008a79680 R11: 0000000000000293 R12: 00007f03e4e43000 R13: 00007f03e4e43170 R14: 00007f03e4e43178 R15: 00007f03e4e43170 </TASK> [1]: FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 350833 Comm: syz-executor.1 Not tainted 6.7.0-12272-g2121c43f88f5 #9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 Call Trace: <TASK> dump_stack_lvl (lib/dump_stack.c:107 (discriminator 1)) should_fail_ex (lib/fault-inject.c:52 lib/fault-inject.c:153) should_failslab (mm/slub.c:3748) kmem_cache_alloc (mm/slub.c:3763 mm/slub.c:3842 mm/slub.c:3867) inet_bind2_bucket_create ---truncated---
Impacted products
Vendor Product Version
Linux Linux Version: 6.1
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:14:13.211Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/729bc77af438a6e67914c97f6f3d3af8f72c0131"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/334a8348b2df26526f3298848ad6864285592caf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f8c4a6b850882bc47aaa864b720c7a2ee3102f39"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/66b60b0c8c4a163b022a9f0ad6769b0fd3dc662f"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-26741",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:51:47.535514Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:17.118Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/ipv4/inet_hashtables.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "729bc77af438a6e67914c97f6f3d3af8f72c0131",
              "status": "affected",
              "version": "28044fc1d4953b07acec0da4d2fc4784c57ea6fb",
              "versionType": "git"
            },
            {
              "lessThan": "334a8348b2df26526f3298848ad6864285592caf",
              "status": "affected",
              "version": "28044fc1d4953b07acec0da4d2fc4784c57ea6fb",
              "versionType": "git"
            },
            {
              "lessThan": "f8c4a6b850882bc47aaa864b720c7a2ee3102f39",
              "status": "affected",
              "version": "28044fc1d4953b07acec0da4d2fc4784c57ea6fb",
              "versionType": "git"
            },
            {
              "lessThan": "66b60b0c8c4a163b022a9f0ad6769b0fd3dc662f",
              "status": "affected",
              "version": "28044fc1d4953b07acec0da4d2fc4784c57ea6fb",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/ipv4/inet_hashtables.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "lessThan": "6.1",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.80",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.19",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished().\n\nsyzkaller reported a warning [0] in inet_csk_destroy_sock() with no\nrepro.\n\n  WARN_ON(inet_sk(sk)-\u003einet_num \u0026\u0026 !inet_csk(sk)-\u003eicsk_bind_hash);\n\nHowever, the syzkaller\u0027s log hinted that connect() failed just before\nthe warning due to FAULT_INJECTION.  [1]\n\nWhen connect() is called for an unbound socket, we search for an\navailable ephemeral port.  If a bhash bucket exists for the port, we\ncall __inet_check_established() or __inet6_check_established() to check\nif the bucket is reusable.\n\nIf reusable, we add the socket into ehash and set inet_sk(sk)-\u003einet_num.\n\nLater, we look up the corresponding bhash2 bucket and try to allocate\nit if it does not exist.\n\nAlthough it rarely occurs in real use, if the allocation fails, we must\nrevert the changes by check_established().  Otherwise, an unconnected\nsocket could illegally occupy an ehash entry.\n\nNote that we do not put tw back into ehash because sk might have\nalready responded to a packet for tw and it would be better to free\ntw earlier under such memory presure.\n\n[0]:\nWARNING: CPU: 0 PID: 350830 at net/ipv4/inet_connection_sock.c:1193 inet_csk_destroy_sock (net/ipv4/inet_connection_sock.c:1193)\nModules linked in:\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nRIP: 0010:inet_csk_destroy_sock (net/ipv4/inet_connection_sock.c:1193)\nCode: 41 5c 41 5d 41 5e e9 2d 4a 3d fd e8 28 4a 3d fd 48 89 ef e8 f0 cd 7d ff 5b 5d 41 5c 41 5d 41 5e e9 13 4a 3d fd e8 0e 4a 3d fd \u003c0f\u003e 0b e9 61 fe ff ff e8 02 4a 3d fd 4c 89 e7 be 03 00 00 00 e8 05\nRSP: 0018:ffffc9000b21fd38 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: 0000000000009e78 RCX: ffffffff840bae40\nRDX: ffff88806e46c600 RSI: ffffffff840bb012 RDI: ffff88811755cca8\nRBP: ffff88811755c880 R08: 0000000000000003 R09: 0000000000000000\nR10: 0000000000009e78 R11: 0000000000000000 R12: ffff88811755c8e0\nR13: ffff88811755c892 R14: ffff88811755c918 R15: 0000000000000000\nFS:  00007f03e5243800(0000) GS:ffff88811ae00000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000001b32f21000 CR3: 0000000112ffe001 CR4: 0000000000770ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? inet_csk_destroy_sock (net/ipv4/inet_connection_sock.c:1193)\n dccp_close (net/dccp/proto.c:1078)\n inet_release (net/ipv4/af_inet.c:434)\n __sock_release (net/socket.c:660)\n sock_close (net/socket.c:1423)\n __fput (fs/file_table.c:377)\n __fput_sync (fs/file_table.c:462)\n __x64_sys_close (fs/open.c:1557 fs/open.c:1539 fs/open.c:1539)\n do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129)\nRIP: 0033:0x7f03e53852bb\nCode: 03 00 00 00 0f 05 48 3d 00 f0 ff ff 77 41 c3 48 83 ec 18 89 7c 24 0c e8 43 c9 f5 ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 c9 f5 ff 8b 44\nRSP: 002b:00000000005dfba0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003\nRAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f03e53852bb\nRDX: 0000000000000002 RSI: 0000000000000002 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000167c\nR10: 0000000008a79680 R11: 0000000000000293 R12: 00007f03e4e43000\nR13: 00007f03e4e43170 R14: 00007f03e4e43178 R15: 00007f03e4e43170\n \u003c/TASK\u003e\n\n[1]:\nFAULT_INJECTION: forcing a failure.\nname failslab, interval 1, probability 0, space 0, times 0\nCPU: 0 PID: 350833 Comm: syz-executor.1 Not tainted 6.7.0-12272-g2121c43f88f5 #9\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl (lib/dump_stack.c:107 (discriminator 1))\n should_fail_ex (lib/fault-inject.c:52 lib/fault-inject.c:153)\n should_failslab (mm/slub.c:3748)\n kmem_cache_alloc (mm/slub.c:3763 mm/slub.c:3842 mm/slub.c:3867)\n inet_bind2_bucket_create \n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T08:46:15.761Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/729bc77af438a6e67914c97f6f3d3af8f72c0131"
        },
        {
          "url": "https://git.kernel.org/stable/c/334a8348b2df26526f3298848ad6864285592caf"
        },
        {
          "url": "https://git.kernel.org/stable/c/f8c4a6b850882bc47aaa864b720c7a2ee3102f39"
        },
        {
          "url": "https://git.kernel.org/stable/c/66b60b0c8c4a163b022a9f0ad6769b0fd3dc662f"
        }
      ],
      "title": "dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished().",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-26741",
    "datePublished": "2024-04-03T17:00:26.276Z",
    "dateReserved": "2024-02-19T14:20:24.167Z",
    "dateUpdated": "2024-12-19T08:46:15.761Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-26741\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-04-03T17:15:51.457\",\"lastModified\":\"2024-11-21T09:02:57.780\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished().\\n\\nsyzkaller reported a warning [0] in inet_csk_destroy_sock() with no\\nrepro.\\n\\n  WARN_ON(inet_sk(sk)-\u003einet_num \u0026\u0026 !inet_csk(sk)-\u003eicsk_bind_hash);\\n\\nHowever, the syzkaller\u0027s log hinted that connect() failed just before\\nthe warning due to FAULT_INJECTION.  [1]\\n\\nWhen connect() is called for an unbound socket, we search for an\\navailable ephemeral port.  If a bhash bucket exists for the port, we\\ncall __inet_check_established() or __inet6_check_established() to check\\nif the bucket is reusable.\\n\\nIf reusable, we add the socket into ehash and set inet_sk(sk)-\u003einet_num.\\n\\nLater, we look up the corresponding bhash2 bucket and try to allocate\\nit if it does not exist.\\n\\nAlthough it rarely occurs in real use, if the allocation fails, we must\\nrevert the changes by check_established().  Otherwise, an unconnected\\nsocket could illegally occupy an ehash entry.\\n\\nNote that we do not put tw back into ehash because sk might have\\nalready responded to a packet for tw and it would be better to free\\ntw earlier under such memory presure.\\n\\n[0]:\\nWARNING: CPU: 0 PID: 350830 at net/ipv4/inet_connection_sock.c:1193 inet_csk_destroy_sock (net/ipv4/inet_connection_sock.c:1193)\\nModules linked in:\\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\\nRIP: 0010:inet_csk_destroy_sock (net/ipv4/inet_connection_sock.c:1193)\\nCode: 41 5c 41 5d 41 5e e9 2d 4a 3d fd e8 28 4a 3d fd 48 89 ef e8 f0 cd 7d ff 5b 5d 41 5c 41 5d 41 5e e9 13 4a 3d fd e8 0e 4a 3d fd \u003c0f\u003e 0b e9 61 fe ff ff e8 02 4a 3d fd 4c 89 e7 be 03 00 00 00 e8 05\\nRSP: 0018:ffffc9000b21fd38 EFLAGS: 00010293\\nRAX: 0000000000000000 RBX: 0000000000009e78 RCX: ffffffff840bae40\\nRDX: ffff88806e46c600 RSI: ffffffff840bb012 RDI: ffff88811755cca8\\nRBP: ffff88811755c880 R08: 0000000000000003 R09: 0000000000000000\\nR10: 0000000000009e78 R11: 0000000000000000 R12: ffff88811755c8e0\\nR13: ffff88811755c892 R14: ffff88811755c918 R15: 0000000000000000\\nFS:  00007f03e5243800(0000) GS:ffff88811ae00000(0000) knlGS:0000000000000000\\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\nCR2: 0000001b32f21000 CR3: 0000000112ffe001 CR4: 0000000000770ef0\\nPKRU: 55555554\\nCall Trace:\\n \u003cTASK\u003e\\n ? inet_csk_destroy_sock (net/ipv4/inet_connection_sock.c:1193)\\n dccp_close (net/dccp/proto.c:1078)\\n inet_release (net/ipv4/af_inet.c:434)\\n __sock_release (net/socket.c:660)\\n sock_close (net/socket.c:1423)\\n __fput (fs/file_table.c:377)\\n __fput_sync (fs/file_table.c:462)\\n __x64_sys_close (fs/open.c:1557 fs/open.c:1539 fs/open.c:1539)\\n do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129)\\nRIP: 0033:0x7f03e53852bb\\nCode: 03 00 00 00 0f 05 48 3d 00 f0 ff ff 77 41 c3 48 83 ec 18 89 7c 24 0c e8 43 c9 f5 ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 c9 f5 ff 8b 44\\nRSP: 002b:00000000005dfba0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003\\nRAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f03e53852bb\\nRDX: 0000000000000002 RSI: 0000000000000002 RDI: 0000000000000003\\nRBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000167c\\nR10: 0000000008a79680 R11: 0000000000000293 R12: 00007f03e4e43000\\nR13: 00007f03e4e43170 R14: 00007f03e4e43178 R15: 00007f03e4e43170\\n \u003c/TASK\u003e\\n\\n[1]:\\nFAULT_INJECTION: forcing a failure.\\nname failslab, interval 1, probability 0, space 0, times 0\\nCPU: 0 PID: 350833 Comm: syz-executor.1 Not tainted 6.7.0-12272-g2121c43f88f5 #9\\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\\nCall Trace:\\n \u003cTASK\u003e\\n dump_stack_lvl (lib/dump_stack.c:107 (discriminator 1))\\n should_fail_ex (lib/fault-inject.c:52 lib/fault-inject.c:153)\\n should_failslab (mm/slub.c:3748)\\n kmem_cache_alloc (mm/slub.c:3763 mm/slub.c:3842 mm/slub.c:3867)\\n inet_bind2_bucket_create \\n---truncated---\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dccp/tcp: Unhash sk de ehash para error de asignaci\u00f3n de tb2 despu\u00e9s de check_estalblished(). syzkaller inform\u00f3 una advertencia [0] en inet_csk_destroy_sock() sin reproducci\u00f3n. WARN_ON(inet_sk(sk)-\u0026gt;inet_num \u0026amp;\u0026amp; !inet_csk(sk)-\u0026gt;icsk_bind_hash); Sin embargo, el registro del syzkaller insinu\u00f3 que connect() fall\u00f3 justo antes de la advertencia debido a FAULT_INJECTION. [1] Cuando se llama a connect() para un socket independiente, buscamos un puerto ef\u00edmero disponible. Si existe un dep\u00f3sito bhash para el puerto, llamamos a __inet_check_establecido() o __inet6_check_establecido() para verificar si el dep\u00f3sito es reutilizable. Si es reutilizable, agregamos el socket en ehash y configuramos inet_sk(sk)-\u0026gt;inet_num. Luego, buscamos el dep\u00f3sito bhash2 correspondiente e intentamos asignarlo si no existe. Aunque rara vez ocurre en el uso real, si la asignaci\u00f3n falla, debemos revertir los cambios mediante check_establecido(). De lo contrario, un enchufe desconectado podr\u00eda ocupar ilegalmente una entrada ehash. Tenga en cuenta que no volvemos a colocar tw en ehash porque es posible que sk ya haya respondido a un paquete para tw y ser\u00eda mejor liberar tw antes bajo tal presi\u00f3n de memoria. [0]: ADVERTENCIA: CPU: 0 PID: 350830 en net/ipv4/inet_connection_sock.c:1193 inet_csk_destroy_sock (net/ipv4/inet_connection_sock.c:1193) M\u00f3dulos vinculados en: Nombre del hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996 ), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 01/04/2014 RIP: 0010:inet_csk_destroy_sock (net/ipv4/inet_connection_sock.c:1193) C\u00f3digo: 41 5c 41 5d 41 5e e9 2d 4a 3d fd e8 28 4a 3d fd 48 89 ef e8 f0 cd 7d ff 5b 5d 41 5c 41 5d 41 5e e9 13 4a 3d fd e8 0e 4a 3d fd \u0026lt;0f\u0026gt; 0b e9 61 fe ff ff e8 02 4a 3d fd 4c 89 e 7 be 03 00 00 00 e8 05 RSP: 0018:ffffc9000b21fd38 EFLAGS: 00010293 RAX: 0000000000000000 RBX: 0000000000009e78 RCX: ffffffff840bae40 RDX: ffff88806e 46c600 RSI: ffffffff840bb012 RDI: ffff88811755cca8 RBP: ffff88811755c880 R08: 0000000000000003 R09: 00000000000000000 R10: 0000000000009e78 R11: 00 00000000000000 R12: ffff88811755c8e0 R13: ffff88811755c892 R14: ffff88811755c918 R15: 0000000000000000 FS: 00007f03e5243800(0000) GS:ffff88811ae00000(0000) knl GS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000001b32f21000 CR3: 0000000112ffe001 CR4: 0000000000770ef0 PKRU: 5555 Llamada 5554 Seguimiento:  ? inet_csk_destroy_sock (net/ipv4/inet_connection_sock.c:1193) dccp_close (net/dccp/proto.c:1078) inet_release (net/ipv4/af_inet.c:434) __sock_release (net/socket.c:660) sock_close (net/ socket.c:1423) __fput (fs/file_table.c:377) __fput_sync (fs/file_table.c:462) __x64_sys_close (fs/open.c:1557 fs/open.c:1539 fs/open.c:1539) do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83) Entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129) RIP: 0033:0x7f03e53852bb C\u00f3digo: 03 00 00 00 0f 05 48 3d 00 f0 ff ff 77 41 c3 48 83 ec 18 89 7c 24 0c e8 43 c9 f5 ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 \u0026lt;48\u0026gt; 3d 00 f0 ff ff 77 3 5 44 89 c7 89 44 24 0c e8 a1 c9 f5 ff 8b 44 RSP: 002b:00000000005dfba0 EFLAGS: 00000293 ORIG_RAX: 00000000000000003 RAX: ffffffffffffffda RBX: 00000000000000004 RCX: 00007f03e53852bb RDX: 0000000000000002 RSI: 0000000000000002 RDI: 0000000000000003 RBP: 000000000000000000 R08: 0000000000000000 R09: 000000000000167c R10: 0000000008a79680 R11: 0000000000000293 R12: 00007f03e4e43000 R13: 00007f03e4e43170 R14: 00007f03e4e43178 R15: 00007f03e4e431 70  [1]: FAULT_INJECTION: forzando un fallo. nombre failslab, intervalo 1, probabilidad 0, espacio 0, tiempos 0 CPU: 0 PID: 350833 Comm: syz-executor.1 No contaminado 6.7.0-12272-g2121c43f88f5 #9 Nombre del hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996 ), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 01/04/2014 Seguimiento de llamadas:  dump_stack_lvl---truncado---\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/334a8348b2df26526f3298848ad6864285592caf\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/66b60b0c8c4a163b022a9f0ad6769b0fd3dc662f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/729bc77af438a6e67914c97f6f3d3af8f72c0131\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/f8c4a6b850882bc47aaa864b720c7a2ee3102f39\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/334a8348b2df26526f3298848ad6864285592caf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/66b60b0c8c4a163b022a9f0ad6769b0fd3dc662f\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/729bc77af438a6e67914c97f6f3d3af8f72c0131\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/f8c4a6b850882bc47aaa864b720c7a2ee3102f39\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.