github - ghsa-prj2-h762-9j59

ghsa-prj2-h762-9j59

Vulnerability from github

Published

2024-09-13 06:30

Modified

2024-09-19 18:30

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

In the Linux kernel, the following vulnerability has been resolved:

nfsd: ensure that nfsd4_fattr_args.context is zeroed out

If nfsd4_encode_fattr4 ends up doing a "goto out" before we get to checking for the security label, then args.context will be set to uninitialized junk on the stack, which we'll then try to free. Initialize it early.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-46697"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-13T06:15:14Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: ensure that nfsd4_fattr_args.context is zeroed out\n\nIf nfsd4_encode_fattr4 ends up doing a \"goto out\" before we get to\nchecking for the security label, then args.context will be set to\nuninitialized junk on the stack, which we\u0027ll then try to free.\nInitialize it early.",
  "id": "GHSA-prj2-h762-9j59",
  "modified": "2024-09-19T18:30:51Z",
  "published": "2024-09-13T06:30:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46697"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/dd65b324174a64558a16ebbf4c3266e5701185d0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f58bab6fd4063913bd8321e99874b8239e9ba726"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

cve-2024-46697

Vulnerability from cvelistv5

Published

2024-09-13 05:29

Modified

2024-12-19 09:21

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: nfsd: ensure that nfsd4_fattr_args.context is zeroed out If nfsd4_encode_fattr4 ends up doing a "goto out" before we get to checking for the security label, then args.context will be set to uninitialized junk on the stack, which we'll then try to free. Initialize it early.

References

▼	URL	Tags
	https://git.kernel.org/stable/c/dd65b324174a64558a16ebbf4c3266e5701185d0
	https://git.kernel.org/stable/c/f58bab6fd4063913bd8321e99874b8239e9ba726

Impacted products

Vendor

Product

Version

▼

Linux

Version: f59388a579c6a395de8f7372b267d3abecd8d6bf
Version: f59388a579c6a395de8f7372b267d3abecd8d6bf

Linux

Version: 6.7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-46697",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-29T15:05:16.231611Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-29T15:05:30.417Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/nfsd/nfs4xdr.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "dd65b324174a64558a16ebbf4c3266e5701185d0",
              "status": "affected",
              "version": "f59388a579c6a395de8f7372b267d3abecd8d6bf",
              "versionType": "git"
            },
            {
              "lessThan": "f58bab6fd4063913bd8321e99874b8239e9ba726",
              "status": "affected",
              "version": "f59388a579c6a395de8f7372b267d3abecd8d6bf",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/nfsd/nfs4xdr.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.7"
            },
            {
              "lessThan": "6.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.10.*",
              "status": "unaffected",
              "version": "6.10.8",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.11",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: ensure that nfsd4_fattr_args.context is zeroed out\n\nIf nfsd4_encode_fattr4 ends up doing a \"goto out\" before we get to\nchecking for the security label, then args.context will be set to\nuninitialized junk on the stack, which we\u0027ll then try to free.\nInitialize it early."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T09:21:11.823Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/dd65b324174a64558a16ebbf4c3266e5701185d0"
        },
        {
          "url": "https://git.kernel.org/stable/c/f58bab6fd4063913bd8321e99874b8239e9ba726"
        }
      ],
      "title": "nfsd: ensure that nfsd4_fattr_args.context is zeroed out",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-46697",
    "datePublished": "2024-09-13T05:29:24.787Z",
    "dateReserved": "2024-09-11T15:12:18.250Z",
    "dateUpdated": "2024-12-19T09:21:11.823Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted