cve-2024-42082
Vulnerability from cvelistv5
Published
2024-07-29 15:52
Modified
2024-12-19 09:12
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: xdp: Remove WARN() from __xdp_reg_mem_model() syzkaller reports a warning in __xdp_reg_mem_model(). The warning occurs only if __mem_id_init_hash_table() returns an error. It returns the error in two cases: 1. memory allocation fails; 2. rhashtable_init() fails when some fields of rhashtable_params struct are not initialized properly. The second case cannot happen since there is a static const rhashtable_params struct with valid fields. So, warning is only triggered when there is a problem with memory allocation. Thus, there is no sense in using WARN() to handle this error and it can be safely removed. WARNING: CPU: 0 PID: 5065 at net/core/xdp.c:299 __xdp_reg_mem_model+0x2d9/0x650 net/core/xdp.c:299 CPU: 0 PID: 5065 Comm: syz-executor883 Not tainted 6.8.0-syzkaller-05271-gf99c5f563c17 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 RIP: 0010:__xdp_reg_mem_model+0x2d9/0x650 net/core/xdp.c:299 Call Trace: xdp_reg_mem_model+0x22/0x40 net/core/xdp.c:344 xdp_test_run_setup net/bpf/test_run.c:188 [inline] bpf_test_run_xdp_live+0x365/0x1e90 net/bpf/test_run.c:377 bpf_prog_test_run_xdp+0x813/0x11b0 net/bpf/test_run.c:1267 bpf_prog_test_run+0x33a/0x3b0 kernel/bpf/syscall.c:4240 __sys_bpf+0x48d/0x810 kernel/bpf/syscall.c:5649 __do_sys_bpf kernel/bpf/syscall.c:5738 [inline] __se_sys_bpf kernel/bpf/syscall.c:5736 [inline] __x64_sys_bpf+0x7c/0x90 kernel/bpf/syscall.c:5736 do_syscall_64+0xfb/0x240 entry_SYSCALL_64_after_hwframe+0x6d/0x75 Found by Linux Verification Center (linuxtesting.org) with syzkaller.
Impacted products
Vendor Product Version
Linux Linux Version: 4.18
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:54:32.586Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1095b8efbb13a6a5fa583ed373ee1ccab29da2d0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1d3e3b3aa2cbe9bc7db9a7f8673a9fa6d2990d54"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4e0c539ee265d5c6e7fa7d229cd4aa7bc01816e2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/14e51ea78b4ccacb7acb1346b9241bb790a2054c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f92298b0467fd77edc4c1a2c3e48833e69840ec4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7e9f79428372c6eab92271390851be34ab26bfb4"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-42082",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T16:19:06.855038Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:07.377Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/core/xdp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1095b8efbb13a6a5fa583ed373ee1ccab29da2d0",
              "status": "affected",
              "version": "8d5d88527587516bd58ff0f3810f07c38e65e2be",
              "versionType": "git"
            },
            {
              "lessThan": "1d3e3b3aa2cbe9bc7db9a7f8673a9fa6d2990d54",
              "status": "affected",
              "version": "8d5d88527587516bd58ff0f3810f07c38e65e2be",
              "versionType": "git"
            },
            {
              "lessThan": "4e0c539ee265d5c6e7fa7d229cd4aa7bc01816e2",
              "status": "affected",
              "version": "8d5d88527587516bd58ff0f3810f07c38e65e2be",
              "versionType": "git"
            },
            {
              "lessThan": "14e51ea78b4ccacb7acb1346b9241bb790a2054c",
              "status": "affected",
              "version": "8d5d88527587516bd58ff0f3810f07c38e65e2be",
              "versionType": "git"
            },
            {
              "lessThan": "f92298b0467fd77edc4c1a2c3e48833e69840ec4",
              "status": "affected",
              "version": "8d5d88527587516bd58ff0f3810f07c38e65e2be",
              "versionType": "git"
            },
            {
              "lessThan": "7e9f79428372c6eab92271390851be34ab26bfb4",
              "status": "affected",
              "version": "8d5d88527587516bd58ff0f3810f07c38e65e2be",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/core/xdp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.18"
            },
            {
              "lessThan": "4.18",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.221",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.162",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.97",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.37",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.8",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxdp: Remove WARN() from __xdp_reg_mem_model()\n\nsyzkaller reports a warning in __xdp_reg_mem_model().\n\nThe warning occurs only if __mem_id_init_hash_table() returns an error. It\nreturns the error in two cases:\n\n  1. memory allocation fails;\n  2. rhashtable_init() fails when some fields of rhashtable_params\n     struct are not initialized properly.\n\nThe second case cannot happen since there is a static const rhashtable_params\nstruct with valid fields. So, warning is only triggered when there is a\nproblem with memory allocation.\n\nThus, there is no sense in using WARN() to handle this error and it can be\nsafely removed.\n\nWARNING: CPU: 0 PID: 5065 at net/core/xdp.c:299 __xdp_reg_mem_model+0x2d9/0x650 net/core/xdp.c:299\n\nCPU: 0 PID: 5065 Comm: syz-executor883 Not tainted 6.8.0-syzkaller-05271-gf99c5f563c17 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nRIP: 0010:__xdp_reg_mem_model+0x2d9/0x650 net/core/xdp.c:299\n\nCall Trace:\n xdp_reg_mem_model+0x22/0x40 net/core/xdp.c:344\n xdp_test_run_setup net/bpf/test_run.c:188 [inline]\n bpf_test_run_xdp_live+0x365/0x1e90 net/bpf/test_run.c:377\n bpf_prog_test_run_xdp+0x813/0x11b0 net/bpf/test_run.c:1267\n bpf_prog_test_run+0x33a/0x3b0 kernel/bpf/syscall.c:4240\n __sys_bpf+0x48d/0x810 kernel/bpf/syscall.c:5649\n __do_sys_bpf kernel/bpf/syscall.c:5738 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5736 [inline]\n __x64_sys_bpf+0x7c/0x90 kernel/bpf/syscall.c:5736\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nFound by Linux Verification Center (linuxtesting.org) with syzkaller."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T09:12:23.679Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1095b8efbb13a6a5fa583ed373ee1ccab29da2d0"
        },
        {
          "url": "https://git.kernel.org/stable/c/1d3e3b3aa2cbe9bc7db9a7f8673a9fa6d2990d54"
        },
        {
          "url": "https://git.kernel.org/stable/c/4e0c539ee265d5c6e7fa7d229cd4aa7bc01816e2"
        },
        {
          "url": "https://git.kernel.org/stable/c/14e51ea78b4ccacb7acb1346b9241bb790a2054c"
        },
        {
          "url": "https://git.kernel.org/stable/c/f92298b0467fd77edc4c1a2c3e48833e69840ec4"
        },
        {
          "url": "https://git.kernel.org/stable/c/7e9f79428372c6eab92271390851be34ab26bfb4"
        }
      ],
      "title": "xdp: Remove WARN() from __xdp_reg_mem_model()",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-42082",
    "datePublished": "2024-07-29T15:52:43.989Z",
    "dateReserved": "2024-07-29T15:50:41.170Z",
    "dateUpdated": "2024-12-19T09:12:23.679Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-42082\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-07-29T16:15:07.373\",\"lastModified\":\"2024-11-21T09:33:33.530\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nxdp: Remove WARN() from __xdp_reg_mem_model()\\n\\nsyzkaller reports a warning in __xdp_reg_mem_model().\\n\\nThe warning occurs only if __mem_id_init_hash_table() returns an error. It\\nreturns the error in two cases:\\n\\n  1. memory allocation fails;\\n  2. rhashtable_init() fails when some fields of rhashtable_params\\n     struct are not initialized properly.\\n\\nThe second case cannot happen since there is a static const rhashtable_params\\nstruct with valid fields. So, warning is only triggered when there is a\\nproblem with memory allocation.\\n\\nThus, there is no sense in using WARN() to handle this error and it can be\\nsafely removed.\\n\\nWARNING: CPU: 0 PID: 5065 at net/core/xdp.c:299 __xdp_reg_mem_model+0x2d9/0x650 net/core/xdp.c:299\\n\\nCPU: 0 PID: 5065 Comm: syz-executor883 Not tainted 6.8.0-syzkaller-05271-gf99c5f563c17 #0\\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\\nRIP: 0010:__xdp_reg_mem_model+0x2d9/0x650 net/core/xdp.c:299\\n\\nCall Trace:\\n xdp_reg_mem_model+0x22/0x40 net/core/xdp.c:344\\n xdp_test_run_setup net/bpf/test_run.c:188 [inline]\\n bpf_test_run_xdp_live+0x365/0x1e90 net/bpf/test_run.c:377\\n bpf_prog_test_run_xdp+0x813/0x11b0 net/bpf/test_run.c:1267\\n bpf_prog_test_run+0x33a/0x3b0 kernel/bpf/syscall.c:4240\\n __sys_bpf+0x48d/0x810 kernel/bpf/syscall.c:5649\\n __do_sys_bpf kernel/bpf/syscall.c:5738 [inline]\\n __se_sys_bpf kernel/bpf/syscall.c:5736 [inline]\\n __x64_sys_bpf+0x7c/0x90 kernel/bpf/syscall.c:5736\\n do_syscall_64+0xfb/0x240\\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\\n\\nFound by Linux Verification Center (linuxtesting.org) with syzkaller.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: xdp: Eliminar WARN() de __xdp_reg_mem_model() syzkaller informa una advertencia en __xdp_reg_mem_model(). La advertencia ocurre solo si __mem_id_init_hash_table() devuelve un error. Devuelve el error en dos casos: 1. falla la asignaci\u00f3n de memoria; 2. rhashtable_init() falla cuando algunos campos de la estructura rhashtable_params no se inicializan correctamente. El segundo caso no puede ocurrir ya que hay una estructura est\u00e1tica const rhashtable_params con campos v\u00e1lidos. Por lo tanto, la advertencia s\u00f3lo se activa cuando hay un problema con la asignaci\u00f3n de memoria. Por lo tanto, no tiene sentido utilizar WARN() para manejar este error y se puede eliminar de forma segura. ADVERTENCIA: CPU: 0 PID: 5065 en net/core/xdp.c:299 __xdp_reg_mem_model+0x2d9/0x650 net/core/xdp.c:299 CPU: 0 PID: 5065 Comm: syz-executor883 No contaminado 6.8.0-syzkaller -05271-gf99c5f563c17 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 27/03/2024 RIP: 0010:__xdp_reg_mem_model+0x2d9/0x650 net/core/xdp.c:299 Seguimiento de llamadas: xdp_reg_mem_model+0x22/ 0x40 net/core/xdp.c:344 xdp_test_run_setup net/bpf/test_run.c:188 [en l\u00ednea] bpf_test_run_xdp_live+0x365/0x1e90 net/bpf/test_run.c:377 bpf_prog_test_run_xdp+0x813/0x11b0 net/bpf/test_ ejecutar.c: 1267 bpf_prog_test_run+0x33a/0x3b0 kernel/bpf/syscall.c:4240 __sys_bpf+0x48d/0x810 kernel/bpf/syscall.c:5649 __do_sys_bpf kernel/bpf/syscall.c:5738 [en l\u00ednea] pf kernel/bpf/syscall.c :5736 [en l\u00ednea] __x64_sys_bpf+0x7c/0x90 kernel/bpf/syscall.c:5736 do_syscall_64+0xfb/0x240 Entry_SYSCALL_64_after_hwframe+0x6d/0x75 Encontrado por el Centro de verificaci\u00f3n de Linux (linuxtesting.org) con syzkaller.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.18\",\"matchCriteriaId\":\"3249552B-A101-45A3-9F46-0E0F0BDBA9E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.19\",\"versionEndExcluding\":\"5.10.221\",\"matchCriteriaId\":\"A8BA741C-9AA4-40E2-9FC0-E66CDEFE9BB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.162\",\"matchCriteriaId\":\"10A39ACC-3005-40E8-875C-98A372D1FFD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.97\",\"matchCriteriaId\":\"748B6C4B-1F61-47F9-96CC-8899B8412D84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.37\",\"matchCriteriaId\":\"D72E033B-5323-4C4D-8818-36E1EBC3535F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.9.8\",\"matchCriteriaId\":\"E95105F2-32E3-4C5F-9D18-7AEFD0E6275C\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1095b8efbb13a6a5fa583ed373ee1ccab29da2d0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/14e51ea78b4ccacb7acb1346b9241bb790a2054c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/1d3e3b3aa2cbe9bc7db9a7f8673a9fa6d2990d54\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4e0c539ee265d5c6e7fa7d229cd4aa7bc01816e2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7e9f79428372c6eab92271390851be34ab26bfb4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/f92298b0467fd77edc4c1a2c3e48833e69840ec4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/1095b8efbb13a6a5fa583ed373ee1ccab29da2d0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/14e51ea78b4ccacb7acb1346b9241bb790a2054c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/1d3e3b3aa2cbe9bc7db9a7f8673a9fa6d2990d54\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4e0c539ee265d5c6e7fa7d229cd4aa7bc01816e2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7e9f79428372c6eab92271390851be34ab26bfb4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/f92298b0467fd77edc4c1a2c3e48833e69840ec4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.