cve-2024-26707
Vulnerability from cvelistv5
Published
2024-04-03 14:55
Modified
2024-09-11 17:32
Severity
Summary
net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame()
References
SourceURLTags
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/0d8011a878fdf96123bc0d6a12e2fe7ced5fddfb
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/37e8c97e539015637cb920d3e6f1e404f707a06e
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/547545e50c913861219947ce490c68a1776b9b51
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/56440799fc4621c279df16176f83a995d056023a
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/923dea2a7ea9e1ef5ac4031fba461c1cc92e32b8
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/de769423b2f053182a41317c4db5a927e90622a0
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Impacted products
VendorProduct
LinuxLinux
LinuxLinux
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:14:12.854Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0d8011a878fdf96123bc0d6a12e2fe7ced5fddfb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/de769423b2f053182a41317c4db5a927e90622a0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/56440799fc4621c279df16176f83a995d056023a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/923dea2a7ea9e1ef5ac4031fba461c1cc92e32b8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/547545e50c913861219947ce490c68a1776b9b51"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/37e8c97e539015637cb920d3e6f1e404f707a06e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-26707",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:52:36.137987Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:53.817Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/hsr/hsr_device.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0d8011a878fd",
              "status": "affected",
              "version": "121c33b07b31",
              "versionType": "git"
            },
            {
              "lessThan": "de769423b2f0",
              "status": "affected",
              "version": "121c33b07b31",
              "versionType": "git"
            },
            {
              "lessThan": "56440799fc46",
              "status": "affected",
              "version": "121c33b07b31",
              "versionType": "git"
            },
            {
              "lessThan": "923dea2a7ea9",
              "status": "affected",
              "version": "121c33b07b31",
              "versionType": "git"
            },
            {
              "lessThan": "547545e50c91",
              "status": "affected",
              "version": "121c33b07b31",
              "versionType": "git"
            },
            {
              "lessThan": "37e8c97e5390",
              "status": "affected",
              "version": "121c33b07b31",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/hsr/hsr_device.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.9"
            },
            {
              "lessThan": "5.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.210",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.149",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.79",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.18",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.6",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hsr: remove WARN_ONCE() in send_hsr_supervision_frame()\n\nSyzkaller reported [1] hitting a warning after failing to allocate\nresources for skb in hsr_init_skb(). Since a WARN_ONCE() call will\nnot help much in this case, it might be prudent to switch to\nnetdev_warn_once(). At the very least it will suppress syzkaller\nreports such as [1].\n\nJust in case, use netdev_warn_once() in send_prp_supervision_frame()\nfor similar reasons.\n\n[1]\nHSR: Could not send supervision frame\nWARNING: CPU: 1 PID: 85 at net/hsr/hsr_device.c:294 send_hsr_supervision_frame+0x60a/0x810 net/hsr/hsr_device.c:294\nRIP: 0010:send_hsr_supervision_frame+0x60a/0x810 net/hsr/hsr_device.c:294\n...\nCall Trace:\n \u003cIRQ\u003e\n hsr_announce+0x114/0x370 net/hsr/hsr_device.c:382\n call_timer_fn+0x193/0x590 kernel/time/timer.c:1700\n expire_timers kernel/time/timer.c:1751 [inline]\n __run_timers+0x764/0xb20 kernel/time/timer.c:2022\n run_timer_softirq+0x58/0xd0 kernel/time/timer.c:2035\n __do_softirq+0x21a/0x8de kernel/softirq.c:553\n invoke_softirq kernel/softirq.c:427 [inline]\n __irq_exit_rcu kernel/softirq.c:632 [inline]\n irq_exit_rcu+0xb7/0x120 kernel/softirq.c:644\n sysvec_apic_timer_interrupt+0x95/0xb0 arch/x86/kernel/apic/apic.c:1076\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:649\n...\n\nThis issue is also found in older kernels (at least up to 5.10)."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T05:21:13.464Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0d8011a878fdf96123bc0d6a12e2fe7ced5fddfb"
        },
        {
          "url": "https://git.kernel.org/stable/c/de769423b2f053182a41317c4db5a927e90622a0"
        },
        {
          "url": "https://git.kernel.org/stable/c/56440799fc4621c279df16176f83a995d056023a"
        },
        {
          "url": "https://git.kernel.org/stable/c/923dea2a7ea9e1ef5ac4031fba461c1cc92e32b8"
        },
        {
          "url": "https://git.kernel.org/stable/c/547545e50c913861219947ce490c68a1776b9b51"
        },
        {
          "url": "https://git.kernel.org/stable/c/37e8c97e539015637cb920d3e6f1e404f707a06e"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
        }
      ],
      "title": "net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame()",
      "x_generator": {
        "engine": "bippy-a5840b7849dd"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-26707",
    "datePublished": "2024-04-03T14:55:10.262Z",
    "dateReserved": "2024-02-19T14:20:24.158Z",
    "dateUpdated": "2024-09-11T17:32:53.817Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-26707\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-04-03T15:15:53.340\",\"lastModified\":\"2024-06-25T22:15:21.363\",\"vulnStatus\":\"Awaiting Analysis\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: hsr: remove WARN_ONCE() in send_hsr_supervision_frame()\\n\\nSyzkaller reported [1] hitting a warning after failing to allocate\\nresources for skb in hsr_init_skb(). Since a WARN_ONCE() call will\\nnot help much in this case, it might be prudent to switch to\\nnetdev_warn_once(). At the very least it will suppress syzkaller\\nreports such as [1].\\n\\nJust in case, use netdev_warn_once() in send_prp_supervision_frame()\\nfor similar reasons.\\n\\n[1]\\nHSR: Could not send supervision frame\\nWARNING: CPU: 1 PID: 85 at net/hsr/hsr_device.c:294 send_hsr_supervision_frame+0x60a/0x810 net/hsr/hsr_device.c:294\\nRIP: 0010:send_hsr_supervision_frame+0x60a/0x810 net/hsr/hsr_device.c:294\\n...\\nCall Trace:\\n \u003cIRQ\u003e\\n hsr_announce+0x114/0x370 net/hsr/hsr_device.c:382\\n call_timer_fn+0x193/0x590 kernel/time/timer.c:1700\\n expire_timers kernel/time/timer.c:1751 [inline]\\n __run_timers+0x764/0xb20 kernel/time/timer.c:2022\\n run_timer_softirq+0x58/0xd0 kernel/time/timer.c:2035\\n __do_softirq+0x21a/0x8de kernel/softirq.c:553\\n invoke_softirq kernel/softirq.c:427 [inline]\\n __irq_exit_rcu kernel/softirq.c:632 [inline]\\n irq_exit_rcu+0xb7/0x120 kernel/softirq.c:644\\n sysvec_apic_timer_interrupt+0x95/0xb0 arch/x86/kernel/apic/apic.c:1076\\n \u003c/IRQ\u003e\\n \u003cTASK\u003e\\n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:649\\n...\\n\\nThis issue is also found in older kernels (at least up to 5.10).\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: hsr: eliminar WARN_ONCE() en send_hsr_supervision_frame() Syzkaller inform\u00f3 [1] que apareci\u00f3 una advertencia despu\u00e9s de no poder asignar recursos para skb en hsr_init_skb(). Dado que una llamada WARN_ONCE() no ayudar\u00e1 mucho en este caso, podr\u00eda ser prudente cambiar a netdev_warn_once(). Como m\u00ednimo, suprimir\u00e1 informes de syzkaller como [1]. Por las dudas, utilice netdev_warn_once() en send_prp_supervision_frame() por motivos similares. [1] HSR: No se pudo enviar la trama de supervisi\u00f3n ADVERTENCIA: CPU: 1 PID: 85 en net/hsr/hsr_device.c:294 send_hsr_supervision_frame+0x60a/0x810 net/hsr/hsr_device.c:294 RIP: 0010:send_hsr_supervision_frame+0x60a/ 0x810 net/hsr/hsr_device.c:294 ... Seguimiento de llamadas:  hsr_announce+0x114/0x370 net/hsr/hsr_device.c:382 call_timer_fn+0x193/0x590 kernel/time/timer.c:1700 expire_timers kernel/ time/timer.c:1751 [en l\u00ednea] __run_timers+0x764/0xb20 kernel/time/timer.c:2022 run_timer_softirq+0x58/0xd0 kernel/time/timer.c:2035 __do_softirq+0x21a/0x8de kernel/softirq.c:553 invoke_softirq kernel/softirq.c:427 [en l\u00ednea] __irq_exit_rcu kernel/softirq.c:632 [en l\u00ednea] irq_exit_rcu+0xb7/0x120 kernel/softirq.c:644 sysvec_apic_timer_interrupt+0x95/0xb0 arch/x86/kernel/apic/apic.c :1076   asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:649 ... Este problema tambi\u00e9n se encuentra en kernels m\u00e1s antiguos (al menos hasta 5.10).\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/0d8011a878fdf96123bc0d6a12e2fe7ced5fddfb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/37e8c97e539015637cb920d3e6f1e404f707a06e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/547545e50c913861219947ce490c68a1776b9b51\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/56440799fc4621c279df16176f83a995d056023a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/923dea2a7ea9e1ef5ac4031fba461c1cc92e32b8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/de769423b2f053182a41317c4db5a927e90622a0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.