CVE-2024-54031 (GCVE-0-2024-54031)

Vulnerability from cvelistv5 – Published: 2025-01-15 13:10 – Updated: 2025-11-03 20:48
VLAI?
Summary
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext Access to genmask field in struct nft_set_ext results in unaligned atomic read: [ 72.130109] Unable to handle kernel paging request at virtual address ffff0000c2bb708c [ 72.131036] Mem abort info: [ 72.131213] ESR = 0x0000000096000021 [ 72.131446] EC = 0x25: DABT (current EL), IL = 32 bits [ 72.132209] SET = 0, FnV = 0 [ 72.133216] EA = 0, S1PTW = 0 [ 72.134080] FSC = 0x21: alignment fault [ 72.135593] Data abort info: [ 72.137194] ISV = 0, ISS = 0x00000021, ISS2 = 0x00000000 [ 72.142351] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 72.145989] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 72.150115] swapper pgtable: 4k pages, 48-bit VAs, pgdp=0000000237d27000 [ 72.154893] [ffff0000c2bb708c] pgd=0000000000000000, p4d=180000023ffff403, pud=180000023f84b403, pmd=180000023f835403, +pte=0068000102bb7707 [ 72.163021] Internal error: Oops: 0000000096000021 [#1] SMP [...] [ 72.170041] CPU: 7 UID: 0 PID: 54 Comm: kworker/7:0 Tainted: G E 6.13.0-rc3+ #2 [ 72.170509] Tainted: [E]=UNSIGNED_MODULE [ 72.170720] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-stable202302-for-qemu 03/01/2023 [ 72.171192] Workqueue: events_power_efficient nft_rhash_gc [nf_tables] [ 72.171552] pstate: 21400005 (nzCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 72.171915] pc : nft_rhash_gc+0x200/0x2d8 [nf_tables] [ 72.172166] lr : nft_rhash_gc+0x128/0x2d8 [nf_tables] [ 72.172546] sp : ffff800081f2bce0 [ 72.172724] x29: ffff800081f2bd40 x28: ffff0000c2bb708c x27: 0000000000000038 [ 72.173078] x26: ffff0000c6780ef0 x25: ffff0000c643df00 x24: ffff0000c6778f78 [ 72.173431] x23: 000000000000001a x22: ffff0000c4b1f000 x21: ffff0000c6780f78 [ 72.173782] x20: ffff0000c2bb70dc x19: ffff0000c2bb7080 x18: 0000000000000000 [ 72.174135] x17: ffff0000c0a4e1c0 x16: 0000000000003000 x15: 0000ac26d173b978 [ 72.174485] x14: ffffffffffffffff x13: 0000000000000030 x12: ffff0000c6780ef0 [ 72.174841] x11: 0000000000000000 x10: ffff800081f2bcf8 x9 : ffff0000c3000000 [ 72.175193] x8 : 00000000000004be x7 : 0000000000000000 x6 : 0000000000000000 [ 72.175544] x5 : 0000000000000040 x4 : ffff0000c3000010 x3 : 0000000000000000 [ 72.175871] x2 : 0000000000003a98 x1 : ffff0000c2bb708c x0 : 0000000000000004 [ 72.176207] Call trace: [ 72.176316] nft_rhash_gc+0x200/0x2d8 [nf_tables] (P) [ 72.176653] process_one_work+0x178/0x3d0 [ 72.176831] worker_thread+0x200/0x3f0 [ 72.176995] kthread+0xe8/0xf8 [ 72.177130] ret_from_fork+0x10/0x20 [ 72.177289] Code: 54fff984 d503201f d2800080 91003261 (f820303f) [ 72.177557] ---[ end trace 0000000000000000 ]--- Align struct nft_set_ext to word size to address this and documentation it. pahole reports that this increases the size of elements for rhash and pipapo in 8 bytes on x86_64.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 98d62cf0e26305dd6a1932a4054004290f4194bb , < 352f8eaaabd008f09d1e176194edc261a7304084 (git)
Affected: e21855091f11df80d41239dbc5f8545b772c657d , < 6a14b46052eeb83175a95baf399283860b9d94c4 (git)
Affected: 59a59da8de47848575eedc141a74aae57696706d , < 277f00b0c2dca8794cf4837722960bdc4174911f (git)
Affected: 23a6919bb3ecf6787f060476ee6810ad55ebf9c8 , < 607774a13764676d4b8be9c8b9c66b8cf3469043 (git)
Affected: 86c27603514cb8ead29857365cdd145404ee9706 , < 4f49349c1963e507aa37c1ec05178faeb0103959 (git)
Affected: be4d0ac67d92e6a285cd3eeb672188d249c121b2 , < d24cbc43cc7b41a0824b0bc6ec4d8436d8d7a9c0 (git)
Affected: 7ffc7481153bbabf3332c6a19b289730c7e1edf5 , < 542ed8145e6f9392e3d0a86a0e9027d2ffd183e4 (git)
Create a notification for this product.
    Linux Linux Affected: 5.4.287 , < 5.4.289 (semver)
Affected: 5.10.231 , < 5.10.233 (semver)
Affected: 5.15.174 , < 5.15.176 (semver)
Affected: 6.1.120 , < 6.1.124 (semver)
Affected: 6.6.66 , < 6.6.70 (semver)
Affected: 6.12.5 , < 6.12.9 (semver)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:48:29.554Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/net/netfilter/nf_tables.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "352f8eaaabd008f09d1e176194edc261a7304084",
              "status": "affected",
              "version": "98d62cf0e26305dd6a1932a4054004290f4194bb",
              "versionType": "git"
            },
            {
              "lessThan": "6a14b46052eeb83175a95baf399283860b9d94c4",
              "status": "affected",
              "version": "e21855091f11df80d41239dbc5f8545b772c657d",
              "versionType": "git"
            },
            {
              "lessThan": "277f00b0c2dca8794cf4837722960bdc4174911f",
              "status": "affected",
              "version": "59a59da8de47848575eedc141a74aae57696706d",
              "versionType": "git"
            },
            {
              "lessThan": "607774a13764676d4b8be9c8b9c66b8cf3469043",
              "status": "affected",
              "version": "23a6919bb3ecf6787f060476ee6810ad55ebf9c8",
              "versionType": "git"
            },
            {
              "lessThan": "4f49349c1963e507aa37c1ec05178faeb0103959",
              "status": "affected",
              "version": "86c27603514cb8ead29857365cdd145404ee9706",
              "versionType": "git"
            },
            {
              "lessThan": "d24cbc43cc7b41a0824b0bc6ec4d8436d8d7a9c0",
              "status": "affected",
              "version": "be4d0ac67d92e6a285cd3eeb672188d249c121b2",
              "versionType": "git"
            },
            {
              "lessThan": "542ed8145e6f9392e3d0a86a0e9027d2ffd183e4",
              "status": "affected",
              "version": "7ffc7481153bbabf3332c6a19b289730c7e1edf5",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/net/netfilter/nf_tables.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5.4.289",
              "status": "affected",
              "version": "5.4.287",
              "versionType": "semver"
            },
            {
              "lessThan": "5.10.233",
              "status": "affected",
              "version": "5.10.231",
              "versionType": "semver"
            },
            {
              "lessThan": "5.15.176",
              "status": "affected",
              "version": "5.15.174",
              "versionType": "semver"
            },
            {
              "lessThan": "6.1.124",
              "status": "affected",
              "version": "6.1.120",
              "versionType": "semver"
            },
            {
              "lessThan": "6.6.70",
              "status": "affected",
              "version": "6.6.66",
              "versionType": "semver"
            },
            {
              "lessThan": "6.12.9",
              "status": "affected",
              "version": "6.12.5",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.289",
                  "versionStartIncluding": "5.4.287",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.233",
                  "versionStartIncluding": "5.10.231",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.176",
                  "versionStartIncluding": "5.15.174",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.124",
                  "versionStartIncluding": "6.1.120",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.70",
                  "versionStartIncluding": "6.6.66",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.9",
                  "versionStartIncluding": "6.12.5",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext\n\nAccess to genmask field in struct nft_set_ext results in unaligned\natomic read:\n\n[   72.130109] Unable to handle kernel paging request at virtual address ffff0000c2bb708c\n[   72.131036] Mem abort info:\n[   72.131213]   ESR = 0x0000000096000021\n[   72.131446]   EC = 0x25: DABT (current EL), IL = 32 bits\n[   72.132209]   SET = 0, FnV = 0\n[   72.133216]   EA = 0, S1PTW = 0\n[   72.134080]   FSC = 0x21: alignment fault\n[   72.135593] Data abort info:\n[   72.137194]   ISV = 0, ISS = 0x00000021, ISS2 = 0x00000000\n[   72.142351]   CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[   72.145989]   GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[   72.150115] swapper pgtable: 4k pages, 48-bit VAs, pgdp=0000000237d27000\n[   72.154893] [ffff0000c2bb708c] pgd=0000000000000000, p4d=180000023ffff403, pud=180000023f84b403, pmd=180000023f835403,\n+pte=0068000102bb7707\n[   72.163021] Internal error: Oops: 0000000096000021 [#1] SMP\n[...]\n[   72.170041] CPU: 7 UID: 0 PID: 54 Comm: kworker/7:0 Tainted: G            E      6.13.0-rc3+ #2\n[   72.170509] Tainted: [E]=UNSIGNED_MODULE\n[   72.170720] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-stable202302-for-qemu 03/01/2023\n[   72.171192] Workqueue: events_power_efficient nft_rhash_gc [nf_tables]\n[   72.171552] pstate: 21400005 (nzCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)\n[   72.171915] pc : nft_rhash_gc+0x200/0x2d8 [nf_tables]\n[   72.172166] lr : nft_rhash_gc+0x128/0x2d8 [nf_tables]\n[   72.172546] sp : ffff800081f2bce0\n[   72.172724] x29: ffff800081f2bd40 x28: ffff0000c2bb708c x27: 0000000000000038\n[   72.173078] x26: ffff0000c6780ef0 x25: ffff0000c643df00 x24: ffff0000c6778f78\n[   72.173431] x23: 000000000000001a x22: ffff0000c4b1f000 x21: ffff0000c6780f78\n[   72.173782] x20: ffff0000c2bb70dc x19: ffff0000c2bb7080 x18: 0000000000000000\n[   72.174135] x17: ffff0000c0a4e1c0 x16: 0000000000003000 x15: 0000ac26d173b978\n[   72.174485] x14: ffffffffffffffff x13: 0000000000000030 x12: ffff0000c6780ef0\n[   72.174841] x11: 0000000000000000 x10: ffff800081f2bcf8 x9 : ffff0000c3000000\n[   72.175193] x8 : 00000000000004be x7 : 0000000000000000 x6 : 0000000000000000\n[   72.175544] x5 : 0000000000000040 x4 : ffff0000c3000010 x3 : 0000000000000000\n[   72.175871] x2 : 0000000000003a98 x1 : ffff0000c2bb708c x0 : 0000000000000004\n[   72.176207] Call trace:\n[   72.176316]  nft_rhash_gc+0x200/0x2d8 [nf_tables] (P)\n[   72.176653]  process_one_work+0x178/0x3d0\n[   72.176831]  worker_thread+0x200/0x3f0\n[   72.176995]  kthread+0xe8/0xf8\n[   72.177130]  ret_from_fork+0x10/0x20\n[   72.177289] Code: 54fff984 d503201f d2800080 91003261 (f820303f)\n[   72.177557] ---[ end trace 0000000000000000 ]---\n\nAlign struct nft_set_ext to word size to address this and\ndocumentation it.\n\npahole reports that this increases the size of elements for rhash and\npipapo in 8 bytes on x86_64."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T09:56:59.169Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/352f8eaaabd008f09d1e176194edc261a7304084"
        },
        {
          "url": "https://git.kernel.org/stable/c/6a14b46052eeb83175a95baf399283860b9d94c4"
        },
        {
          "url": "https://git.kernel.org/stable/c/277f00b0c2dca8794cf4837722960bdc4174911f"
        },
        {
          "url": "https://git.kernel.org/stable/c/607774a13764676d4b8be9c8b9c66b8cf3469043"
        },
        {
          "url": "https://git.kernel.org/stable/c/4f49349c1963e507aa37c1ec05178faeb0103959"
        },
        {
          "url": "https://git.kernel.org/stable/c/d24cbc43cc7b41a0824b0bc6ec4d8436d8d7a9c0"
        },
        {
          "url": "https://git.kernel.org/stable/c/542ed8145e6f9392e3d0a86a0e9027d2ffd183e4"
        }
      ],
      "title": "netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-54031",
    "datePublished": "2025-01-15T13:10:23.140Z",
    "dateReserved": "2025-01-15T13:08:59.769Z",
    "dateUpdated": "2025-11-03T20:48:29.554Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-54031\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-01-15T13:15:11.203\",\"lastModified\":\"2025-11-03T21:17:48.210\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnetfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext\\n\\nAccess to genmask field in struct nft_set_ext results in unaligned\\natomic read:\\n\\n[   72.130109] Unable to handle kernel paging request at virtual address ffff0000c2bb708c\\n[   72.131036] Mem abort info:\\n[   72.131213]   ESR = 0x0000000096000021\\n[   72.131446]   EC = 0x25: DABT (current EL), IL = 32 bits\\n[   72.132209]   SET = 0, FnV = 0\\n[   72.133216]   EA = 0, S1PTW = 0\\n[   72.134080]   FSC = 0x21: alignment fault\\n[   72.135593] Data abort info:\\n[   72.137194]   ISV = 0, ISS = 0x00000021, ISS2 = 0x00000000\\n[   72.142351]   CM = 0, WnR = 0, TnD = 0, TagAccess = 0\\n[   72.145989]   GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\\n[   72.150115] swapper pgtable: 4k pages, 48-bit VAs, pgdp=0000000237d27000\\n[   72.154893] [ffff0000c2bb708c] pgd=0000000000000000, p4d=180000023ffff403, pud=180000023f84b403, pmd=180000023f835403,\\n+pte=0068000102bb7707\\n[   72.163021] Internal error: Oops: 0000000096000021 [#1] SMP\\n[...]\\n[   72.170041] CPU: 7 UID: 0 PID: 54 Comm: kworker/7:0 Tainted: G            E      6.13.0-rc3+ #2\\n[   72.170509] Tainted: [E]=UNSIGNED_MODULE\\n[   72.170720] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-stable202302-for-qemu 03/01/2023\\n[   72.171192] Workqueue: events_power_efficient nft_rhash_gc [nf_tables]\\n[   72.171552] pstate: 21400005 (nzCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)\\n[   72.171915] pc : nft_rhash_gc+0x200/0x2d8 [nf_tables]\\n[   72.172166] lr : nft_rhash_gc+0x128/0x2d8 [nf_tables]\\n[   72.172546] sp : ffff800081f2bce0\\n[   72.172724] x29: ffff800081f2bd40 x28: ffff0000c2bb708c x27: 0000000000000038\\n[   72.173078] x26: ffff0000c6780ef0 x25: ffff0000c643df00 x24: ffff0000c6778f78\\n[   72.173431] x23: 000000000000001a x22: ffff0000c4b1f000 x21: ffff0000c6780f78\\n[   72.173782] x20: ffff0000c2bb70dc x19: ffff0000c2bb7080 x18: 0000000000000000\\n[   72.174135] x17: ffff0000c0a4e1c0 x16: 0000000000003000 x15: 0000ac26d173b978\\n[   72.174485] x14: ffffffffffffffff x13: 0000000000000030 x12: ffff0000c6780ef0\\n[   72.174841] x11: 0000000000000000 x10: ffff800081f2bcf8 x9 : ffff0000c3000000\\n[   72.175193] x8 : 00000000000004be x7 : 0000000000000000 x6 : 0000000000000000\\n[   72.175544] x5 : 0000000000000040 x4 : ffff0000c3000010 x3 : 0000000000000000\\n[   72.175871] x2 : 0000000000003a98 x1 : ffff0000c2bb708c x0 : 0000000000000004\\n[   72.176207] Call trace:\\n[   72.176316]  nft_rhash_gc+0x200/0x2d8 [nf_tables] (P)\\n[   72.176653]  process_one_work+0x178/0x3d0\\n[   72.176831]  worker_thread+0x200/0x3f0\\n[   72.176995]  kthread+0xe8/0xf8\\n[   72.177130]  ret_from_fork+0x10/0x20\\n[   72.177289] Code: 54fff984 d503201f d2800080 91003261 (f820303f)\\n[   72.177557] ---[ end trace 0000000000000000 ]---\\n\\nAlign struct nft_set_ext to word size to address this and\\ndocumentation it.\\n\\npahole reports that this increases the size of elements for rhash and\\npipapo in 8 bytes on x86_64.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: nft_set_hash: lectura at\u00f3mica no alineada en la estructura nft_set_ext El acceso al campo genmask en la estructura nft_set_ext da como resultado una lectura at\u00f3mica no alineada: [72.130109] No se puede gestionar la solicitud de paginaci\u00f3n del kernel en la direcci\u00f3n virtual ffff0000c2bb708c [72.131036] Informaci\u00f3n de cancelaci\u00f3n de memoria: [72.131213] ESR = 0x0000000096000021 [72.131446] EC = 0x25: DABT (EL actual), IL = 32 bits [72.132209] SET = 0, FnV = 0 [72.133216] EA = 0, S1PTW = 0 [ 72.134080] FSC = 0x21: error de alineaci\u00f3n [ 72.135593] Informaci\u00f3n de cancelaci\u00f3n de datos: [ 72.137194] ISV = 0, ISS = 0x00000021, ISS2 = 0x00000000 [ 72.142351] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 72.145989] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 72.150115] swapper pgtable: p\u00e1ginas de 4k, VA de 48 bits, pgdp=0000000237d27000 [ 72.154893] [ffff0000c2bb708c] pgd=0000000000000000, p4d=180000023ffff403, pud=180000023f84b403, pmd=180000023f835403, +pte=0068000102bb7707 [ 72.163021] Error interno: Oops: 0000000096000021 [#1] SMP [...] [ 72.170041] CPU: 7 UID: 0 PID: 54 Comm: kworker/7:0 Contaminado: GE 6.13.0-rc3+ #2 [ 72.170509] Contaminado: [E]=UNSIGNED_MODULE [ 72.170720] Nombre del hardware: QEMU QEMU Virtual M\u00e1quina, BIOS edk2-stable202302-for-qemu 03/01/2023 [ 72.171192] Cola de trabajo: events_power_efficient nft_rhash_gc [nf_tables] [ 72.171552] pstate: 21400005 (nzCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 72.171915] pc : nft_rhash_gc+0x200/0x2d8 [nf_tables] [ 72.172166] lr : nft_rhash_gc+0x128/0x2d8 [nf_tables] [ 72.172546] sp : ffff800081f2bce0 [ 72.172724] x29: ffff800081f2bd40 x28: ffff0000c2bb708c x27: 0000000000000038 [ 72.173078] x26: ffff0000c6780ef0 x25: ffff0000c643df00 x24: ffff0000c6778f78 [ 72.173431] x23: 000000000000001a x22: ffff0000c4b1f000 x21: ffff0000c6780f78 [ 72.173782] x20: ffff0000c2bb70dc x19: ffff0000c2bb7080 x18: 0000000000000000 [ 72.174135] x17: ffff0000c0a4e1c0 x16: 0000000000003000 x15: 0000ac26d173b978 [ 72.174485] x14: ffffffffffffffffff x13: 0000000000000030 x12: ffff0000c6780ef0 [ 72.174841] x11: 000000000000000 x10: ffff800081f2bcf8 x9 : ffff0000c3000000 [ 72.175193] x8 : 00000000000004be x7 : 0000000000000000 x6 : 0000000000000000 [ 72.175544] x5 : 0000000000000040 x4 : ffff0000c3000010 x3 : 0000000000000000 [ 72.175871] x2 : 0000000000003a98 x1 : ffff0000c2bb708c x0 : 0000000000000004 [ 72.176207] Rastreo de llamadas: [ 72.176316] nft_rhash_gc+0x200/0x2d8 [nf_tables] (P) [ 72.176653] process_one_work+0x178/0x3d0 [ 72.176831] worker_thread+0x200/0x3f0 [ 72.176995] kthread+0xe8/0xf8 [ 72.177130] ret_from_fork+0x10/0x20 [ 72.177289] C\u00f3digo: 54fff984 d503201f d2800080 91003261 (f820303f) [ 72.177557] ---[ fin de seguimiento 0000000000000000 ]--- Alinear estructura nft_set_ext al tama\u00f1o de palabra para abordar esto y documentarlo. pahole informa que esto aumenta el tama\u00f1o de los elementos para rhash y pipapo en 8 bytes en x86_64.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.4.287\",\"versionEndExcluding\":\"5.4.289\",\"matchCriteriaId\":\"01BBDED6-67CF-494C-9CBD-DA65F4FD18DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.10.231\",\"versionEndExcluding\":\"5.10.233\",\"matchCriteriaId\":\"9087AA56-FA79-47B1-AAFC-8D11C50C8A30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.15.174\",\"versionEndExcluding\":\"5.15.176\",\"matchCriteriaId\":\"9415F69D-CADF-4737-B54A-FB3F4CA32F1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.1.120\",\"versionEndExcluding\":\"6.1.124\",\"matchCriteriaId\":\"6D399917-13CA-4E84-AD0E-2C9DA170452E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.6.66\",\"versionEndExcluding\":\"6.6.70\",\"matchCriteriaId\":\"EF01370F-8B38-42B0-A644-7358E22CC8F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.12.5\",\"versionEndExcluding\":\"6.12.9\",\"matchCriteriaId\":\"DE1BD979-F1AD-4BEF-BD24-3F562A854B57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A073481-106D-4B15-B4C7-FB0213B8E1D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE491969-75AE-4A6B-9A58-8FC5AF98798F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"93C0660D-7FB8-4FBA-892A-B064BA71E49E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"034C36A6-C481-41F3-AE9A-D116E5BE6895\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/277f00b0c2dca8794cf4837722960bdc4174911f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/352f8eaaabd008f09d1e176194edc261a7304084\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4f49349c1963e507aa37c1ec05178faeb0103959\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/542ed8145e6f9392e3d0a86a0e9027d2ffd183e4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/607774a13764676d4b8be9c8b9c66b8cf3469043\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6a14b46052eeb83175a95baf399283860b9d94c4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/d24cbc43cc7b41a0824b0bc6ec4d8436d8d7a9c0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.