CVE-2024-50274
Vulnerability from cvelistv5
Published
2024-11-19 01:30
Modified
2024-12-19 09:37
Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
idpf: avoid vport access in idpf_get_link_ksettings
When the device control plane is removed or the platform
running device control plane is rebooted, a reset is detected
on the driver. On driver reset, it releases the resources and
waits for the reset to complete. If the reset fails, it takes
the error path and releases the vport lock. At this time if the
monitoring tools tries to access link settings, it call traces
for accessing released vport pointer.
To avoid it, move link_speed_mbps to netdev_priv structure
which removes the dependency on vport pointer and the vport lock
in idpf_get_link_ksettings. Also use netif_carrier_ok()
to check the link status and adjust the offsetof to use link_up
instead of link_speed_mbps.
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/idpf/idpf.h", "drivers/net/ethernet/intel/idpf/idpf_ethtool.c", "drivers/net/ethernet/intel/idpf/idpf_lib.c", "drivers/net/ethernet/intel/idpf/idpf_virtchnl.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "fa4d906ad0fb63a980a1d586a061c78ea1a345ba", "status": "affected", "version": "02cbfba1add5bd9088c7d14c6b93b77a6ea8f3bb", "versionType": "git" }, { "lessThan": "81d2fb4c7c18a3b36ba3e00b9d5b753107472d75", "status": "affected", "version": "02cbfba1add5bd9088c7d14c6b93b77a6ea8f3bb", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/idpf/idpf.h", "drivers/net/ethernet/intel/idpf/idpf_ethtool.c", "drivers/net/ethernet/intel/idpf/idpf_lib.c", "drivers/net/ethernet/intel/idpf/idpf_virtchnl.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "6.7" }, { "lessThan": "6.7", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: avoid vport access in idpf_get_link_ksettings\n\nWhen the device control plane is removed or the platform\nrunning device control plane is rebooted, a reset is detected\non the driver. On driver reset, it releases the resources and\nwaits for the reset to complete. If the reset fails, it takes\nthe error path and releases the vport lock. At this time if the\nmonitoring tools tries to access link settings, it call traces\nfor accessing released vport pointer.\n\nTo avoid it, move link_speed_mbps to netdev_priv structure\nwhich removes the dependency on vport pointer and the vport lock\nin idpf_get_link_ksettings. Also use netif_carrier_ok()\nto check the link status and adjust the offsetof to use link_up\ninstead of link_speed_mbps." } ], "providerMetadata": { "dateUpdated": "2024-12-19T09:37:04.833Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/fa4d906ad0fb63a980a1d586a061c78ea1a345ba" }, { "url": "https://git.kernel.org/stable/c/81d2fb4c7c18a3b36ba3e00b9d5b753107472d75" } ], "title": "idpf: avoid vport access in idpf_get_link_ksettings", "x_generator": { "engine": "bippy-5f407fcff5a0" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-50274", "datePublished": "2024-11-19T01:30:13.973Z", "dateReserved": "2024-10-21T19:36:19.983Z", "dateUpdated": "2024-12-19T09:37:04.833Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2024-50274\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-11-19T02:16:29.650\",\"lastModified\":\"2024-11-27T15:59:35.733\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nidpf: avoid vport access in idpf_get_link_ksettings\\n\\nWhen the device control plane is removed or the platform\\nrunning device control plane is rebooted, a reset is detected\\non the driver. On driver reset, it releases the resources and\\nwaits for the reset to complete. If the reset fails, it takes\\nthe error path and releases the vport lock. At this time if the\\nmonitoring tools tries to access link settings, it call traces\\nfor accessing released vport pointer.\\n\\nTo avoid it, move link_speed_mbps to netdev_priv structure\\nwhich removes the dependency on vport pointer and the vport lock\\nin idpf_get_link_ksettings. Also use netif_carrier_ok()\\nto check the link status and adjust the offsetof to use link_up\\ninstead of link_speed_mbps.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: idpf: evitar el acceso a vport en idpf_get_link_ksettings Cuando se elimina el plano de control del dispositivo o se reinicia la plataforma que ejecuta el plano de control del dispositivo, se detecta un reinicio en el controlador. Al reiniciar el controlador, libera los recursos y espera a que se complete el reinicio. Si el reinicio falla, toma la ruta de error y libera el bloqueo de vport. En este momento, si las herramientas de monitoreo intentan acceder a la configuraci\u00f3n del enlace, invocan seguimientos para acceder al puntero de vport liberado. Para evitarlo, mueva link_speed_mbps a la estructura netdev_priv que elimina la dependencia del puntero de vport y el bloqueo de vport en idpf_get_link_ksettings. Tambi\u00e9n use netif_carrier_ok() para verificar el estado del enlace y ajuste el offsetof para usar link_up en lugar de link_speed_mbps.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.11.8\",\"matchCriteriaId\":\"0BD000F7-3DAD-4DD3-8906-98EA1EC67E95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F361E1D-580F-4A2D-A509-7615F73167A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"925478D0-3E3D-4E6F-ACD5-09F28D5DF82C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C95E234-D335-4B6C-96BF-E2CEBD8654ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0F717D8-3014-4F84-8086-0124B2111379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"24DBE6C7-2AAE-4818-AED2-E131F153D2FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"24B88717-53F5-42AA-9B72-14C707639E3F\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/81d2fb4c7c18a3b36ba3e00b9d5b753107472d75\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/fa4d906ad0fb63a980a1d586a061c78ea1a345ba\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.