cve-2021-47563
Vulnerability from cvelistv5
Published
2024-05-24 15:12
Modified
2024-12-19 07:44
Summary
In the Linux kernel, the following vulnerability has been resolved: ice: avoid bpf_prog refcount underflow Ice driver has the routines for managing XDP resources that are shared between ndo_bpf op and VSI rebuild flow. The latter takes place for example when user changes queue count on an interface via ethtool's set_channels(). There is an issue around the bpf_prog refcounting when VSI is being rebuilt - since ice_prepare_xdp_rings() is called with vsi->xdp_prog as an argument that is used later on by ice_vsi_assign_bpf_prog(), same bpf_prog pointers are swapped with each other. Then it is also interpreted as an 'old_prog' which in turn causes us to call bpf_prog_put on it that will decrement its refcount. Below splat can be interpreted in a way that due to zero refcount of a bpf_prog it is wiped out from the system while kernel still tries to refer to it: [ 481.069429] BUG: unable to handle page fault for address: ffffc9000640f038 [ 481.077390] #PF: supervisor read access in kernel mode [ 481.083335] #PF: error_code(0x0000) - not-present page [ 481.089276] PGD 100000067 P4D 100000067 PUD 1001cb067 PMD 106d2b067 PTE 0 [ 481.097141] Oops: 0000 [#1] PREEMPT SMP PTI [ 481.101980] CPU: 12 PID: 3339 Comm: sudo Tainted: G OE 5.15.0-rc5+ #1 [ 481.110840] Hardware name: Intel Corp. GRANTLEY/GRANTLEY, BIOS GRRFCRB1.86B.0276.D07.1605190235 05/19/2016 [ 481.122021] RIP: 0010:dev_xdp_prog_id+0x25/0x40 [ 481.127265] Code: 80 00 00 00 00 0f 1f 44 00 00 89 f6 48 c1 e6 04 48 01 fe 48 8b 86 98 08 00 00 48 85 c0 74 13 48 8b 50 18 31 c0 48 85 d2 74 07 <48> 8b 42 38 8b 40 20 c3 48 8b 96 90 08 00 00 eb e8 66 2e 0f 1f 84 [ 481.148991] RSP: 0018:ffffc90007b63868 EFLAGS: 00010286 [ 481.155034] RAX: 0000000000000000 RBX: ffff889080824000 RCX: 0000000000000000 [ 481.163278] RDX: ffffc9000640f000 RSI: ffff889080824010 RDI: ffff889080824000 [ 481.171527] RBP: ffff888107af7d00 R08: 0000000000000000 R09: ffff88810db5f6e0 [ 481.179776] R10: 0000000000000000 R11: ffff8890885b9988 R12: ffff88810db5f4bc [ 481.188026] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 481.196276] FS: 00007f5466d5bec0(0000) GS:ffff88903fb00000(0000) knlGS:0000000000000000 [ 481.205633] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 481.212279] CR2: ffffc9000640f038 CR3: 000000014429c006 CR4: 00000000003706e0 [ 481.220530] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 481.228771] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 481.237029] Call Trace: [ 481.239856] rtnl_fill_ifinfo+0x768/0x12e0 [ 481.244602] rtnl_dump_ifinfo+0x525/0x650 [ 481.249246] ? __alloc_skb+0xa5/0x280 [ 481.253484] netlink_dump+0x168/0x3c0 [ 481.257725] netlink_recvmsg+0x21e/0x3e0 [ 481.262263] ____sys_recvmsg+0x87/0x170 [ 481.266707] ? __might_fault+0x20/0x30 [ 481.271046] ? _copy_from_user+0x66/0xa0 [ 481.275591] ? iovec_from_user+0xf6/0x1c0 [ 481.280226] ___sys_recvmsg+0x82/0x100 [ 481.284566] ? sock_sendmsg+0x5e/0x60 [ 481.288791] ? __sys_sendto+0xee/0x150 [ 481.293129] __sys_recvmsg+0x56/0xa0 [ 481.297267] do_syscall_64+0x3b/0xc0 [ 481.301395] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 481.307238] RIP: 0033:0x7f5466f39617 [ 481.311373] Code: 0c 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb bd 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2f 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10 [ 481.342944] RSP: 002b:00007ffedc7f4308 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 481.361783] RAX: ffffffffffffffda RBX: 00007ffedc7f5460 RCX: 00007f5466f39617 [ 481.380278] RDX: 0000000000000000 RSI: 00007ffedc7f5360 RDI: 0000000000000003 [ 481.398500] RBP: 00007ffedc7f53f0 R08: 0000000000000000 R09: 000055d556f04d50 [ 481.416463] R10: 0000000000000077 R11: 0000000000000246 R12: 00007ffedc7f5360 [ 481.434131] R13: 00007ffedc7f5350 R14: 00007ffedc7f5344 R15: 0000000000000e98 [ 481.451520] Modules linked in: ice ---truncated---
Impacted products
Vendor Product Version
Linux Linux Version: 5.5
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47563",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T16:50:07.805074Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-05T16:52:12.886Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.865Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e65a8707b4cd756d26d246bb2b9fab06eebafac1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1f10b09ccc832698ef4624a6ab9a213b6ccbda76"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f65ee535df775a13a1046c0a0b2d72db342f8a5b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/ice/ice_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e65a8707b4cd756d26d246bb2b9fab06eebafac1",
              "status": "affected",
              "version": "efc2214b6047b6f5b4ca53151eba62521b9452d6",
              "versionType": "git"
            },
            {
              "lessThan": "1f10b09ccc832698ef4624a6ab9a213b6ccbda76",
              "status": "affected",
              "version": "efc2214b6047b6f5b4ca53151eba62521b9452d6",
              "versionType": "git"
            },
            {
              "lessThan": "f65ee535df775a13a1046c0a0b2d72db342f8a5b",
              "status": "affected",
              "version": "efc2214b6047b6f5b4ca53151eba62521b9452d6",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/ice/ice_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.5"
            },
            {
              "lessThan": "5.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.83",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: avoid bpf_prog refcount underflow\n\nIce driver has the routines for managing XDP resources that are shared\nbetween ndo_bpf op and VSI rebuild flow. The latter takes place for\nexample when user changes queue count on an interface via ethtool\u0027s\nset_channels().\n\nThere is an issue around the bpf_prog refcounting when VSI is being\nrebuilt - since ice_prepare_xdp_rings() is called with vsi-\u003exdp_prog as\nan argument that is used later on by ice_vsi_assign_bpf_prog(), same\nbpf_prog pointers are swapped with each other. Then it is also\ninterpreted as an \u0027old_prog\u0027 which in turn causes us to call\nbpf_prog_put on it that will decrement its refcount.\n\nBelow splat can be interpreted in a way that due to zero refcount of a\nbpf_prog it is wiped out from the system while kernel still tries to\nrefer to it:\n\n[  481.069429] BUG: unable to handle page fault for address: ffffc9000640f038\n[  481.077390] #PF: supervisor read access in kernel mode\n[  481.083335] #PF: error_code(0x0000) - not-present page\n[  481.089276] PGD 100000067 P4D 100000067 PUD 1001cb067 PMD 106d2b067 PTE 0\n[  481.097141] Oops: 0000 [#1] PREEMPT SMP PTI\n[  481.101980] CPU: 12 PID: 3339 Comm: sudo Tainted: G           OE     5.15.0-rc5+ #1\n[  481.110840] Hardware name: Intel Corp. GRANTLEY/GRANTLEY, BIOS GRRFCRB1.86B.0276.D07.1605190235 05/19/2016\n[  481.122021] RIP: 0010:dev_xdp_prog_id+0x25/0x40\n[  481.127265] Code: 80 00 00 00 00 0f 1f 44 00 00 89 f6 48 c1 e6 04 48 01 fe 48 8b 86 98 08 00 00 48 85 c0 74 13 48 8b 50 18 31 c0 48 85 d2 74 07 \u003c48\u003e 8b 42 38 8b 40 20 c3 48 8b 96 90 08 00 00 eb e8 66 2e 0f 1f 84\n[  481.148991] RSP: 0018:ffffc90007b63868 EFLAGS: 00010286\n[  481.155034] RAX: 0000000000000000 RBX: ffff889080824000 RCX: 0000000000000000\n[  481.163278] RDX: ffffc9000640f000 RSI: ffff889080824010 RDI: ffff889080824000\n[  481.171527] RBP: ffff888107af7d00 R08: 0000000000000000 R09: ffff88810db5f6e0\n[  481.179776] R10: 0000000000000000 R11: ffff8890885b9988 R12: ffff88810db5f4bc\n[  481.188026] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n[  481.196276] FS:  00007f5466d5bec0(0000) GS:ffff88903fb00000(0000) knlGS:0000000000000000\n[  481.205633] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  481.212279] CR2: ffffc9000640f038 CR3: 000000014429c006 CR4: 00000000003706e0\n[  481.220530] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[  481.228771] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[  481.237029] Call Trace:\n[  481.239856]  rtnl_fill_ifinfo+0x768/0x12e0\n[  481.244602]  rtnl_dump_ifinfo+0x525/0x650\n[  481.249246]  ? __alloc_skb+0xa5/0x280\n[  481.253484]  netlink_dump+0x168/0x3c0\n[  481.257725]  netlink_recvmsg+0x21e/0x3e0\n[  481.262263]  ____sys_recvmsg+0x87/0x170\n[  481.266707]  ? __might_fault+0x20/0x30\n[  481.271046]  ? _copy_from_user+0x66/0xa0\n[  481.275591]  ? iovec_from_user+0xf6/0x1c0\n[  481.280226]  ___sys_recvmsg+0x82/0x100\n[  481.284566]  ? sock_sendmsg+0x5e/0x60\n[  481.288791]  ? __sys_sendto+0xee/0x150\n[  481.293129]  __sys_recvmsg+0x56/0xa0\n[  481.297267]  do_syscall_64+0x3b/0xc0\n[  481.301395]  entry_SYSCALL_64_after_hwframe+0x44/0xae\n[  481.307238] RIP: 0033:0x7f5466f39617\n[  481.311373] Code: 0c 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb bd 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2f 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10\n[  481.342944] RSP: 002b:00007ffedc7f4308 EFLAGS: 00000246 ORIG_RAX: 000000000000002f\n[  481.361783] RAX: ffffffffffffffda RBX: 00007ffedc7f5460 RCX: 00007f5466f39617\n[  481.380278] RDX: 0000000000000000 RSI: 00007ffedc7f5360 RDI: 0000000000000003\n[  481.398500] RBP: 00007ffedc7f53f0 R08: 0000000000000000 R09: 000055d556f04d50\n[  481.416463] R10: 0000000000000077 R11: 0000000000000246 R12: 00007ffedc7f5360\n[  481.434131] R13: 00007ffedc7f5350 R14: 00007ffedc7f5344 R15: 0000000000000e98\n[  481.451520] Modules linked in: ice\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T07:44:53.733Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e65a8707b4cd756d26d246bb2b9fab06eebafac1"
        },
        {
          "url": "https://git.kernel.org/stable/c/1f10b09ccc832698ef4624a6ab9a213b6ccbda76"
        },
        {
          "url": "https://git.kernel.org/stable/c/f65ee535df775a13a1046c0a0b2d72db342f8a5b"
        }
      ],
      "title": "ice: avoid bpf_prog refcount underflow",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47563",
    "datePublished": "2024-05-24T15:12:51.398Z",
    "dateReserved": "2024-05-24T15:11:00.728Z",
    "dateUpdated": "2024-12-19T07:44:53.733Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-47563\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-05-24T15:15:21.033\",\"lastModified\":\"2024-11-21T06:36:33.867\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nice: avoid bpf_prog refcount underflow\\n\\nIce driver has the routines for managing XDP resources that are shared\\nbetween ndo_bpf op and VSI rebuild flow. The latter takes place for\\nexample when user changes queue count on an interface via ethtool\u0027s\\nset_channels().\\n\\nThere is an issue around the bpf_prog refcounting when VSI is being\\nrebuilt - since ice_prepare_xdp_rings() is called with vsi-\u003exdp_prog as\\nan argument that is used later on by ice_vsi_assign_bpf_prog(), same\\nbpf_prog pointers are swapped with each other. Then it is also\\ninterpreted as an \u0027old_prog\u0027 which in turn causes us to call\\nbpf_prog_put on it that will decrement its refcount.\\n\\nBelow splat can be interpreted in a way that due to zero refcount of a\\nbpf_prog it is wiped out from the system while kernel still tries to\\nrefer to it:\\n\\n[  481.069429] BUG: unable to handle page fault for address: ffffc9000640f038\\n[  481.077390] #PF: supervisor read access in kernel mode\\n[  481.083335] #PF: error_code(0x0000) - not-present page\\n[  481.089276] PGD 100000067 P4D 100000067 PUD 1001cb067 PMD 106d2b067 PTE 0\\n[  481.097141] Oops: 0000 [#1] PREEMPT SMP PTI\\n[  481.101980] CPU: 12 PID: 3339 Comm: sudo Tainted: G           OE     5.15.0-rc5+ #1\\n[  481.110840] Hardware name: Intel Corp. GRANTLEY/GRANTLEY, BIOS GRRFCRB1.86B.0276.D07.1605190235 05/19/2016\\n[  481.122021] RIP: 0010:dev_xdp_prog_id+0x25/0x40\\n[  481.127265] Code: 80 00 00 00 00 0f 1f 44 00 00 89 f6 48 c1 e6 04 48 01 fe 48 8b 86 98 08 00 00 48 85 c0 74 13 48 8b 50 18 31 c0 48 85 d2 74 07 \u003c48\u003e 8b 42 38 8b 40 20 c3 48 8b 96 90 08 00 00 eb e8 66 2e 0f 1f 84\\n[  481.148991] RSP: 0018:ffffc90007b63868 EFLAGS: 00010286\\n[  481.155034] RAX: 0000000000000000 RBX: ffff889080824000 RCX: 0000000000000000\\n[  481.163278] RDX: ffffc9000640f000 RSI: ffff889080824010 RDI: ffff889080824000\\n[  481.171527] RBP: ffff888107af7d00 R08: 0000000000000000 R09: ffff88810db5f6e0\\n[  481.179776] R10: 0000000000000000 R11: ffff8890885b9988 R12: ffff88810db5f4bc\\n[  481.188026] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\\n[  481.196276] FS:  00007f5466d5bec0(0000) GS:ffff88903fb00000(0000) knlGS:0000000000000000\\n[  481.205633] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\n[  481.212279] CR2: ffffc9000640f038 CR3: 000000014429c006 CR4: 00000000003706e0\\n[  481.220530] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\\n[  481.228771] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\\n[  481.237029] Call Trace:\\n[  481.239856]  rtnl_fill_ifinfo+0x768/0x12e0\\n[  481.244602]  rtnl_dump_ifinfo+0x525/0x650\\n[  481.249246]  ? __alloc_skb+0xa5/0x280\\n[  481.253484]  netlink_dump+0x168/0x3c0\\n[  481.257725]  netlink_recvmsg+0x21e/0x3e0\\n[  481.262263]  ____sys_recvmsg+0x87/0x170\\n[  481.266707]  ? __might_fault+0x20/0x30\\n[  481.271046]  ? _copy_from_user+0x66/0xa0\\n[  481.275591]  ? iovec_from_user+0xf6/0x1c0\\n[  481.280226]  ___sys_recvmsg+0x82/0x100\\n[  481.284566]  ? sock_sendmsg+0x5e/0x60\\n[  481.288791]  ? __sys_sendto+0xee/0x150\\n[  481.293129]  __sys_recvmsg+0x56/0xa0\\n[  481.297267]  do_syscall_64+0x3b/0xc0\\n[  481.301395]  entry_SYSCALL_64_after_hwframe+0x44/0xae\\n[  481.307238] RIP: 0033:0x7f5466f39617\\n[  481.311373] Code: 0c 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb bd 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2f 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10\\n[  481.342944] RSP: 002b:00007ffedc7f4308 EFLAGS: 00000246 ORIG_RAX: 000000000000002f\\n[  481.361783] RAX: ffffffffffffffda RBX: 00007ffedc7f5460 RCX: 00007f5466f39617\\n[  481.380278] RDX: 0000000000000000 RSI: 00007ffedc7f5360 RDI: 0000000000000003\\n[  481.398500] RBP: 00007ffedc7f53f0 R08: 0000000000000000 R09: 000055d556f04d50\\n[  481.416463] R10: 0000000000000077 R11: 0000000000000246 R12: 00007ffedc7f5360\\n[  481.434131] R13: 00007ffedc7f5350 R14: 00007ffedc7f5344 R15: 0000000000000e98\\n[  481.451520] Modules linked in: ice\\n---truncated---\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ice: evitar el subdesbordamiento de refcount de bpf_prog El controlador Ice tiene rutinas para administrar los recursos XDP que se comparten entre la operaci\u00f3n ndo_bpf y el flujo de reconstrucci\u00f3n VSI. Esto \u00faltimo ocurre, por ejemplo, cuando el usuario cambia el recuento de cola en una interfaz a trav\u00e9s de set_channels() de ethtool. Hay un problema relacionado con el recuento de bpf_prog cuando se reconstruye VSI: dado que se llama a ice_prepare_xdp_rings() con vsi-\u0026gt;xdp_prog como argumento que ice_vsi_assign_bpf_prog() usa m\u00e1s adelante, los mismos punteros de bpf_prog se intercambian entre s\u00ed. Luego tambi\u00e9n se interpreta como un \u0027old_prog\u0027 que a su vez hace que llamemos a bpf_prog_put, lo que disminuir\u00e1 su recuento. El siguiente s\u00edmbolo se puede interpretar de una manera que, debido al recuento cero de un bpf_prog, se elimina del sistema mientras el kernel todav\u00eda intenta hacer referencia a \u00e9l: [481.069429] ERROR: no se puede manejar el error de p\u00e1gina para la direcci\u00f3n: ffffc9000640f038 [481.077390] # PF: acceso de lectura de supervisor en modo kernel [ 481.083335] #PF: error_code(0x0000) - p\u00e1gina no presente [ 481.089276] PGD 100000067 P4D 100000067 PUD 1001cb067 PMD 106d2b067 PTE 0 [ 481.097141] : 0000 [#1] ANTICIPACI\u00d3N SMP PTI [ 481.101980] CPU: 12 PID: 3339 Comm: sudo Tainted: G OE 5.15.0-rc5+ #1 [ 481.110840] Nombre de hardware: Intel Corp. GRANTLEY/GRANTLEY, BIOS GRRFCRB1.86B.0276.D07.1605190235 19/05/2016 [ 481.122021] RIP: 0010:dev_xdp_prog_id+0x25/0x40 [ 481.127265] C\u00f3digo: 80 00 00 00 00 0f 1f 44 00 00 89 f6 48 c1 e6 04 48 01 fe 48 8b 86 98 08 00 00 48 85 c0 74 13 48 8b 50 18 31 c0 48 85 d2 74 07 \u0026lt;48\u0026gt; 8b 42 38 8b 40 20 c3 48 8b 96 90 08 00 00 eb e8 66 2e 0f 1f 84 [ 481.148991] RSP: ffffc90007b638 68 EFLAGS: 00010286 [481.155034] RAX: 0000000000000000 RBX: ffff889080824000 RCX: 0000000000000000 [ 481.163278] RDX: ffffc9000640f000 RSI: ffff889080824010 RDI: ffff889080824000 [ 481.171527] ffff888107af7d00 R08: 0000000000000000 R09: ffff88810db5f6e0 [ 481.179776] R10: 00000000000000000 R11: ffff8890885b9988 R12: ffff88810db5f4bc [ 481.188026] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 481.196276] FS: 00007f5466d5bec0(0000) GS:ffff88903fb00000(0000) knlGS:0000000000000000 [ 48 1.205633] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 481.212279] CR2: ffffc9000640f038 CR3: 000000014429c006 CR4: 00000000003706e0 [ 481.220530] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 481.228771] DR3: 00000000000000000 DR6: 00000000ffe0ff0 7: 0000000000000400 [481.237029] Seguimiento de llamadas: [481.239856] rtnl_fill_ifinfo+0x768/0x12e0 [481.244602] rtnl_dump_ifinfo+0x525/0x650 [481.249246] ? __alloc_skb+0xa5/0x280 [ 481.253484] netlink_dump+0x168/0x3c0 [ 481.257725] netlink_recvmsg+0x21e/0x3e0 [ 481.262263] ____sys_recvmsg+0x87/0x170 [ 481.2 66707] ? __might_fault+0x20/0x30 [ 481.271046] ? _copia_de_usuario+0x66/0xa0 [481.275591] ? iovec_from_user+0xf6/0x1c0 [ 481.280226] ___sys_recvmsg+0x82/0x100 [ 481.284566] ? sock_sendmsg+0x5e/0x60 [481.288791]? __sys_sendto+0xee/0x150 [ 481.293129] __sys_recvmsg+0x56/0xa0 [ 481.297267] do_syscall_64+0x3b/0xc0 [ 481.301395] Entry_SYSCALL_64_after_hwframe+0x44/0xae [ 481.307238] RIP: 0033:0x7f5466f39617 [ 481.311373] C\u00f3digo: 0c 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb bd 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2f 00 00 00 0f 05 \u0026lt;48\u0026gt; 3d 00 f0 ff ff 77 51 c3 48 83 ec 2 8 89 54 24 1c 48 89 74 24 10 [ 481.342944] RSP: 002b:00007ffedc7f4308 EFLAGS: 00000246 ORIG_RAX: 0000000000000002f [ 481.361783] RAX: ffffffffffffffda RBX: 00007ffedc7f5460 RCX: 00007f5466f39617 [ 481.380278] RDX: 0000000000000000 RSI: 00007ffedc7f5360 RDI: 000000000000003 [ 481.398500] R PA : 00007ffedc7f53f0 R08: 0000000000000000 R09: 000055d556f04d50 [ 481.416463] R10: 0000000000000077 R11: 0000000000000246 R12: ffedc7f5360 [ 481.434131] R13: 00007ffedc7f5350 R14: 00007ffedc7f5344 R15: 0000000000000e98 [ 481.451520] M\u00f3dulos vinculados en: ice ---truncado---\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1f10b09ccc832698ef4624a6ab9a213b6ccbda76\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/e65a8707b4cd756d26d246bb2b9fab06eebafac1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/f65ee535df775a13a1046c0a0b2d72db342f8a5b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/1f10b09ccc832698ef4624a6ab9a213b6ccbda76\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/e65a8707b4cd756d26d246bb2b9fab06eebafac1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/f65ee535df775a13a1046c0a0b2d72db342f8a5b\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.