CVE-2024-39293

Summary

In the Linux kernel, the following vulnerability has been resolved:

Revert "xsk: Support redirect to any socket bound to the same umem"

This reverts commit 2863d665ea41282379f108e4da6c8a2366ba66db.

This patch introduced a potential kernel crash when multiple napi instances redirect to the same AF_XDP socket. By removing the queue_index check, it is possible for multiple napi instances to access the Rx ring at the same time, which will result in a corrupted ring state which can lead to a crash when flushing the rings in __xsk_flush(). This can happen when the linked list of sockets to flush gets corrupted by concurrent accesses. A quick and small fix is not possible, so let us revert this for now.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2863d665ea41282379f108e4da6c8a2366ba66db < 19cb40b1064566ea09538289bfcf5bc7ecb9b6f5affected
LinuxLinux2863d665ea41282379f108e4da6c8a2366ba66db < 7fcf26b315bbb728036da0862de6b335da83dff2affected
LinuxLinux6.9affected
LinuxLinux0 < 6.9unaffected
LinuxLinux6.9.5 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References