CVE-2024-47408

Summary

In the Linux kernel, the following vulnerability has been resolved:

net/smc: check smcd_v2_ext_offset when receiving proposal msg

When receiving proposal msg in server, the field smcd_v2_ext_offset in proposal msg is from the remote client and can not be fully trusted. Once the value of smcd_v2_ext_offset exceed the max value, there has the chance to access wrong address, and crash may happen.

This patch checks the value of smcd_v2_ext_offset before using it.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5c21c4ccafe85906db809de3af391fd434df8a27 < a36364d8d4fabb105001f992fb8ff2d3546203d6affected
LinuxLinux5c21c4ccafe85906db809de3af391fd434df8a27 < e1cc8be2a785a8f1ce1f597f3e608602c5fccd46affected
LinuxLinux5c21c4ccafe85906db809de3af391fd434df8a27 < 935caf324b445fe73d7708fae6f7176fb243f357affected
LinuxLinux5c21c4ccafe85906db809de3af391fd434df8a27 < 48d5a8a304a643613dab376a278f29d3e22f7c34affected
LinuxLinux5c21c4ccafe85906db809de3af391fd434df8a27 < 9ab332deb671d8f7e66d82a2ff2b3f715bc3a4adaffected
LinuxLinux5.10affected
LinuxLinux0 < 5.10unaffected
LinuxLinux5.15.176 <= 5.15.*unaffected
LinuxLinux6.1.122 <= 6.1.*unaffected
LinuxLinux6.6.68 <= 6.6.*unaffected
LinuxLinux6.12.7 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References