CVE-2024-42283 (GCVE-0-2024-42283)

Vulnerability from cvelistv5 – Published: 2024-08-17 09:08 – Updated: 2025-11-03 22:03
VLAI?
Title
net: nexthop: Initialize all fields in dumped nexthops
Summary
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Initialize all fields in dumped nexthops struct nexthop_grp contains two reserved fields that are not initialized by nla_put_nh_group(), and carry garbage. This can be observed e.g. with strace (edited for clarity): # ip nexthop add id 1 dev lo # ip nexthop add id 101 group 1 # strace -e recvmsg ip nexthop get id 101 ... recvmsg(... [{nla_len=12, nla_type=NHA_GROUP}, [{id=1, weight=0, resvd1=0x69, resvd2=0x67}]] ...) = 52 The fields are reserved and therefore not currently used. But as they are, they leak kernel memory, and the fact they are not just zero complicates repurposing of the fields for new ends. Initialize the full structure.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 430a049190de3c9e219f43084de9f1122da04570 , < fd06cb4a5fc7bda3dea31712618a62af72a1c6cb (git)
Affected: 430a049190de3c9e219f43084de9f1122da04570 , < 5cc4d71dda2dd4f1520f40e634a527022e48ccd8 (git)
Affected: 430a049190de3c9e219f43084de9f1122da04570 , < 9e8f558a3afe99ce51a642ce0d3637ddc2b5d5d0 (git)
Affected: 430a049190de3c9e219f43084de9f1122da04570 , < 1377de719652d868f5317ba8398b7e74c5f0430b (git)
Affected: 430a049190de3c9e219f43084de9f1122da04570 , < 7704460acd7f5d35eb07c52500987dc9b95313fb (git)
Affected: 430a049190de3c9e219f43084de9f1122da04570 , < a13d3864b76ac87085ec530b2ff8e37482a63a96 (git)
Affected: 430a049190de3c9e219f43084de9f1122da04570 , < 6d745cd0e9720282cd291d36b9db528aea18add2 (git)
Create a notification for this product.
    Linux Linux Affected: 5.3
Unaffected: 0 , < 5.3 (semver)
Unaffected: 5.4.282 , ≤ 5.4.* (semver)
Unaffected: 5.10.224 , ≤ 5.10.* (semver)
Unaffected: 5.15.165 , ≤ 5.15.* (semver)
Unaffected: 6.1.103 , ≤ 6.1.* (semver)
Unaffected: 6.6.44 , ≤ 6.6.* (semver)
Unaffected: 6.10.3 , ≤ 6.10.* (semver)
Unaffected: 6.11 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-42283",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T16:11:29.775671Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-12T17:33:05.278Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T22:03:26.190Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/ipv4/nexthop.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "fd06cb4a5fc7bda3dea31712618a62af72a1c6cb",
              "status": "affected",
              "version": "430a049190de3c9e219f43084de9f1122da04570",
              "versionType": "git"
            },
            {
              "lessThan": "5cc4d71dda2dd4f1520f40e634a527022e48ccd8",
              "status": "affected",
              "version": "430a049190de3c9e219f43084de9f1122da04570",
              "versionType": "git"
            },
            {
              "lessThan": "9e8f558a3afe99ce51a642ce0d3637ddc2b5d5d0",
              "status": "affected",
              "version": "430a049190de3c9e219f43084de9f1122da04570",
              "versionType": "git"
            },
            {
              "lessThan": "1377de719652d868f5317ba8398b7e74c5f0430b",
              "status": "affected",
              "version": "430a049190de3c9e219f43084de9f1122da04570",
              "versionType": "git"
            },
            {
              "lessThan": "7704460acd7f5d35eb07c52500987dc9b95313fb",
              "status": "affected",
              "version": "430a049190de3c9e219f43084de9f1122da04570",
              "versionType": "git"
            },
            {
              "lessThan": "a13d3864b76ac87085ec530b2ff8e37482a63a96",
              "status": "affected",
              "version": "430a049190de3c9e219f43084de9f1122da04570",
              "versionType": "git"
            },
            {
              "lessThan": "6d745cd0e9720282cd291d36b9db528aea18add2",
              "status": "affected",
              "version": "430a049190de3c9e219f43084de9f1122da04570",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/ipv4/nexthop.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.3"
            },
            {
              "lessThan": "5.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.282",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.224",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.165",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.103",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.44",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.10.*",
              "status": "unaffected",
              "version": "6.10.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.11",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.282",
                  "versionStartIncluding": "5.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.224",
                  "versionStartIncluding": "5.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.165",
                  "versionStartIncluding": "5.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.103",
                  "versionStartIncluding": "5.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.44",
                  "versionStartIncluding": "5.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.10.3",
                  "versionStartIncluding": "5.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.11",
                  "versionStartIncluding": "5.3",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nexthop: Initialize all fields in dumped nexthops\n\nstruct nexthop_grp contains two reserved fields that are not initialized by\nnla_put_nh_group(), and carry garbage. This can be observed e.g. with\nstrace (edited for clarity):\n\n    # ip nexthop add id 1 dev lo\n    # ip nexthop add id 101 group 1\n    # strace -e recvmsg ip nexthop get id 101\n    ...\n    recvmsg(... [{nla_len=12, nla_type=NHA_GROUP},\n                 [{id=1, weight=0, resvd1=0x69, resvd2=0x67}]] ...) = 52\n\nThe fields are reserved and therefore not currently used. But as they are, they\nleak kernel memory, and the fact they are not just zero complicates repurposing\nof the fields for new ends. Initialize the full structure."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T09:25:54.051Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/fd06cb4a5fc7bda3dea31712618a62af72a1c6cb"
        },
        {
          "url": "https://git.kernel.org/stable/c/5cc4d71dda2dd4f1520f40e634a527022e48ccd8"
        },
        {
          "url": "https://git.kernel.org/stable/c/9e8f558a3afe99ce51a642ce0d3637ddc2b5d5d0"
        },
        {
          "url": "https://git.kernel.org/stable/c/1377de719652d868f5317ba8398b7e74c5f0430b"
        },
        {
          "url": "https://git.kernel.org/stable/c/7704460acd7f5d35eb07c52500987dc9b95313fb"
        },
        {
          "url": "https://git.kernel.org/stable/c/a13d3864b76ac87085ec530b2ff8e37482a63a96"
        },
        {
          "url": "https://git.kernel.org/stable/c/6d745cd0e9720282cd291d36b9db528aea18add2"
        }
      ],
      "title": "net: nexthop: Initialize all fields in dumped nexthops",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-42283",
    "datePublished": "2024-08-17T09:08:49.866Z",
    "dateReserved": "2024-07-30T07:40:12.262Z",
    "dateUpdated": "2025-11-03T22:03:26.190Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.3\", \"versionEndExcluding\": \"5.4.282\", \"matchCriteriaId\": \"02035E8E-6E63-424F-B9C8-AA3CA88D499E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.5\", \"versionEndExcluding\": \"5.10.224\", \"matchCriteriaId\": \"5CCEDF13-293D-4E64-B501-4409D0365AFE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.11\", \"versionEndExcluding\": \"5.15.165\", \"matchCriteriaId\": \"B4E2B568-3171-41DE-B519-F2B1A3600D94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.16\", \"versionEndExcluding\": \"6.1.103\", \"matchCriteriaId\": \"E45EAC72-8329-4F99-8276-86AF9BB3496A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.2\", \"versionEndExcluding\": \"6.6.44\", \"matchCriteriaId\": \"CC912330-6B41-4C6B-99AF-F3857FBACB6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.7\", \"versionEndExcluding\": \"6.10.3\", \"matchCriteriaId\": \"92D388F2-1EAF-4CFA-AC06-5B26D762EA7D\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: nexthop: Initialize all fields in dumped nexthops\\n\\nstruct nexthop_grp contains two reserved fields that are not initialized by\\nnla_put_nh_group(), and carry garbage. This can be observed e.g. with\\nstrace (edited for clarity):\\n\\n    # ip nexthop add id 1 dev lo\\n    # ip nexthop add id 101 group 1\\n    # strace -e recvmsg ip nexthop get id 101\\n    ...\\n    recvmsg(... [{nla_len=12, nla_type=NHA_GROUP},\\n                 [{id=1, weight=0, resvd1=0x69, resvd2=0x67}]] ...) = 52\\n\\nThe fields are reserved and therefore not currently used. But as they are, they\\nleak kernel memory, and the fact they are not just zero complicates repurposing\\nof the fields for new ends. Initialize the full structure.\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: nexthop: inicializa todos los campos en la estructura nexthops volcada. nexthop_grp contiene dos campos reservados que no son inicializados por nla_put_nh_group() y transporta basura. Esto se puede observar, por ejemplo, con strace (editado para mayor claridad): # ip nexthop add id 1 dev lo # ip nexthop add id 101 group 1 # strace -e recvmsg ip nexthop get id 101 ... recvmsg(... [{nla_len =12, nla_type=NHA_GROUP}, [{id=1, peso=0, resvd1=0x69, resvd2=0x67}]] ...) = 52 Los campos est\\u00e1n reservados y, por lo tanto, no se utilizan actualmente. Pero tal como est\\u00e1n, pierden memoria del n\\u00facleo, y el hecho de que no sean simplemente cero complica la reutilizaci\\u00f3n de los campos para nuevos fines. Inicialice la estructura completa.\"}]",
      "id": "CVE-2024-42283",
      "lastModified": "2024-08-19T19:54:33.213",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}",
      "published": "2024-08-17T09:15:09.163",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/1377de719652d868f5317ba8398b7e74c5f0430b\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/5cc4d71dda2dd4f1520f40e634a527022e48ccd8\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/6d745cd0e9720282cd291d36b9db528aea18add2\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/7704460acd7f5d35eb07c52500987dc9b95313fb\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/9e8f558a3afe99ce51a642ce0d3637ddc2b5d5d0\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/a13d3864b76ac87085ec530b2ff8e37482a63a96\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/fd06cb4a5fc7bda3dea31712618a62af72a1c6cb\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-908\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-42283\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-08-17T09:15:09.163\",\"lastModified\":\"2025-11-03T22:17:54.660\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: nexthop: Initialize all fields in dumped nexthops\\n\\nstruct nexthop_grp contains two reserved fields that are not initialized by\\nnla_put_nh_group(), and carry garbage. This can be observed e.g. with\\nstrace (edited for clarity):\\n\\n    # ip nexthop add id 1 dev lo\\n    # ip nexthop add id 101 group 1\\n    # strace -e recvmsg ip nexthop get id 101\\n    ...\\n    recvmsg(... [{nla_len=12, nla_type=NHA_GROUP},\\n                 [{id=1, weight=0, resvd1=0x69, resvd2=0x67}]] ...) = 52\\n\\nThe fields are reserved and therefore not currently used. But as they are, they\\nleak kernel memory, and the fact they are not just zero complicates repurposing\\nof the fields for new ends. Initialize the full structure.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: nexthop: inicializa todos los campos en la estructura nexthops volcada. nexthop_grp contiene dos campos reservados que no son inicializados por nla_put_nh_group() y transporta basura. Esto se puede observar, por ejemplo, con strace (editado para mayor claridad): # ip nexthop add id 1 dev lo # ip nexthop add id 101 group 1 # strace -e recvmsg ip nexthop get id 101 ... recvmsg(... [{nla_len =12, nla_type=NHA_GROUP}, [{id=1, peso=0, resvd1=0x69, resvd2=0x67}]] ...) = 52 Los campos est\u00e1n reservados y, por lo tanto, no se utilizan actualmente. Pero tal como est\u00e1n, pierden memoria del n\u00facleo, y el hecho de que no sean simplemente cero complica la reutilizaci\u00f3n de los campos para nuevos fines. Inicialice la estructura completa.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-908\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.3\",\"versionEndExcluding\":\"5.4.282\",\"matchCriteriaId\":\"02035E8E-6E63-424F-B9C8-AA3CA88D499E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.224\",\"matchCriteriaId\":\"5CCEDF13-293D-4E64-B501-4409D0365AFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.165\",\"matchCriteriaId\":\"B4E2B568-3171-41DE-B519-F2B1A3600D94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.103\",\"matchCriteriaId\":\"E45EAC72-8329-4F99-8276-86AF9BB3496A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.44\",\"matchCriteriaId\":\"CC912330-6B41-4C6B-99AF-F3857FBACB6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.10.3\",\"matchCriteriaId\":\"92D388F2-1EAF-4CFA-AC06-5B26D762EA7D\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1377de719652d868f5317ba8398b7e74c5f0430b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5cc4d71dda2dd4f1520f40e634a527022e48ccd8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6d745cd0e9720282cd291d36b9db528aea18add2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7704460acd7f5d35eb07c52500987dc9b95313fb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/9e8f558a3afe99ce51a642ce0d3637ddc2b5d5d0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a13d3864b76ac87085ec530b2ff8e37482a63a96\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/fd06cb4a5fc7bda3dea31712618a62af72a1c6cb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T22:03:26.190Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-42283\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-10T16:11:29.775671Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-11T12:42:14.331Z\"}}], \"cna\": {\"title\": \"net: nexthop: Initialize all fields in dumped nexthops\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"430a049190de3c9e219f43084de9f1122da04570\", \"lessThan\": \"fd06cb4a5fc7bda3dea31712618a62af72a1c6cb\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"430a049190de3c9e219f43084de9f1122da04570\", \"lessThan\": \"5cc4d71dda2dd4f1520f40e634a527022e48ccd8\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"430a049190de3c9e219f43084de9f1122da04570\", \"lessThan\": \"9e8f558a3afe99ce51a642ce0d3637ddc2b5d5d0\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"430a049190de3c9e219f43084de9f1122da04570\", \"lessThan\": \"1377de719652d868f5317ba8398b7e74c5f0430b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"430a049190de3c9e219f43084de9f1122da04570\", \"lessThan\": \"7704460acd7f5d35eb07c52500987dc9b95313fb\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"430a049190de3c9e219f43084de9f1122da04570\", \"lessThan\": \"a13d3864b76ac87085ec530b2ff8e37482a63a96\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"430a049190de3c9e219f43084de9f1122da04570\", \"lessThan\": \"6d745cd0e9720282cd291d36b9db528aea18add2\", \"versionType\": \"git\"}], \"programFiles\": [\"net/ipv4/nexthop.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.3\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"5.3\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.4.282\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.4.*\"}, {\"status\": \"unaffected\", \"version\": \"5.10.224\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.165\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.103\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.44\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.10.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.10.*\"}, {\"status\": \"unaffected\", \"version\": \"6.11\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"net/ipv4/nexthop.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/fd06cb4a5fc7bda3dea31712618a62af72a1c6cb\"}, {\"url\": \"https://git.kernel.org/stable/c/5cc4d71dda2dd4f1520f40e634a527022e48ccd8\"}, {\"url\": \"https://git.kernel.org/stable/c/9e8f558a3afe99ce51a642ce0d3637ddc2b5d5d0\"}, {\"url\": \"https://git.kernel.org/stable/c/1377de719652d868f5317ba8398b7e74c5f0430b\"}, {\"url\": \"https://git.kernel.org/stable/c/7704460acd7f5d35eb07c52500987dc9b95313fb\"}, {\"url\": \"https://git.kernel.org/stable/c/a13d3864b76ac87085ec530b2ff8e37482a63a96\"}, {\"url\": \"https://git.kernel.org/stable/c/6d745cd0e9720282cd291d36b9db528aea18add2\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: nexthop: Initialize all fields in dumped nexthops\\n\\nstruct nexthop_grp contains two reserved fields that are not initialized by\\nnla_put_nh_group(), and carry garbage. This can be observed e.g. with\\nstrace (edited for clarity):\\n\\n    # ip nexthop add id 1 dev lo\\n    # ip nexthop add id 101 group 1\\n    # strace -e recvmsg ip nexthop get id 101\\n    ...\\n    recvmsg(... [{nla_len=12, nla_type=NHA_GROUP},\\n                 [{id=1, weight=0, resvd1=0x69, resvd2=0x67}]] ...) = 52\\n\\nThe fields are reserved and therefore not currently used. But as they are, they\\nleak kernel memory, and the fact they are not just zero complicates repurposing\\nof the fields for new ends. Initialize the full structure.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.4.282\", \"versionStartIncluding\": \"5.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.224\", \"versionStartIncluding\": \"5.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.165\", \"versionStartIncluding\": \"5.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.103\", \"versionStartIncluding\": \"5.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.44\", \"versionStartIncluding\": \"5.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.10.3\", \"versionStartIncluding\": \"5.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.11\", \"versionStartIncluding\": \"5.3\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T09:25:54.051Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-42283\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-03T22:03:26.190Z\", \"dateReserved\": \"2024-07-30T07:40:12.262Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-08-17T09:08:49.866Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}