CVE-2024-47708
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
netkit: Assign missing bpf_net_context
During the introduction of struct bpf_net_context handling for XDP-redirect, the netkit driver has been missed, which also requires it because NETKIT_REDIRECT invokes skb_do_redirect() which is accessing the per-CPU variables. Otherwise we see the following crash:
BUG: kernel NULL pointer dereference, address: 0000000000000038
bpf_redirect()
netkit_xmit()
dev_hard_start_xmit()
Set the bpf_net_context before invoking netkit_xmit() program within the netkit driver.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 401cb7dae8130fd34eb84648e02ab4c506df7d5e < 182c6fed8c7f62cddce0126ec1fc0da2b700fb11 | affected |
| Linux | Linux | 401cb7dae8130fd34eb84648e02ab4c506df7d5e < 157f29152b61ca41809dd7ead29f5733adeced19 | affected |
| Linux | Linux | 6.11 | affected |
| Linux | Linux | 0 < 6.11 | unaffected |
| Linux | Linux | 6.11.2 <= 6.11.* | unaffected |
| Linux | Linux | 6.12 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/182c6fed8c7f62cddce0126ec1fc0da2b700fb11
- https://git.kernel.org/stable/c/157f29152b61ca41809dd7ead29f5733adeced19
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.