CVE-2024-39293
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
Revert "xsk: Support redirect to any socket bound to the same umem"
This reverts commit 2863d665ea41282379f108e4da6c8a2366ba66db.
This patch introduced a potential kernel crash when multiple napi instances redirect to the same AF_XDP socket. By removing the queue_index check, it is possible for multiple napi instances to access the Rx ring at the same time, which will result in a corrupted ring state which can lead to a crash when flushing the rings in __xsk_flush(). This can happen when the linked list of sockets to flush gets corrupted by concurrent accesses. A quick and small fix is not possible, so let us revert this for now.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 2863d665ea41282379f108e4da6c8a2366ba66db < 19cb40b1064566ea09538289bfcf5bc7ecb9b6f5 | affected |
| Linux | Linux | 2863d665ea41282379f108e4da6c8a2366ba66db < 7fcf26b315bbb728036da0862de6b335da83dff2 | affected |
| Linux | Linux | 6.9 | affected |
| Linux | Linux | 0 < 6.9 | unaffected |
| Linux | Linux | 6.9.5 <= 6.9.* | unaffected |
| Linux | Linux | 6.10 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/19cb40b1064566ea09538289bfcf5bc7ecb9b6f5
- https://git.kernel.org/stable/c/7fcf26b315bbb728036da0862de6b335da83dff2
References
- https://git.kernel.org/stable/c/19cb40b1064566ea09538289bfcf5bc7ecb9b6f5
- https://git.kernel.org/stable/c/7fcf26b315bbb728036da0862de6b335da83dff2
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.