9.1

CVE-2024-35960

EPSS 1.75%
Veröffentlicht 20.05.2024 10:15:11
Zuletzt bearbeitet 04.04.2025 14:22:45
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: Properly link new fs rules into the tree

Previously, add_rule_fg would only add newly created rules from the
handle into the tree when they had a refcount of 1. On the other hand,
create_flow_handle tries hard to find and reference already existing
identical rules instead of creating new ones.

These two behaviors can result in a situation where create_flow_handle
1) creates a new rule and references it, then
2) in a subsequent step during the same handle creation references it
   again,
resulting in a rule with a refcount of 2 that is not linked into the
tree, will have a NULL parent and root and will result in a crash when
the flow group is deleted because del_sw_hw_rule, invoked on rule
deletion, assumes node->parent is != NULL.

This happened in the wild, due to another bug related to incorrect
handling of duplicate pkt_reformat ids, which lead to the code in
create_flow_handle incorrectly referencing a just-added rule in the same
flow handle, resulting in the problem described above. Full details are
at [1].

This patch changes add_rule_fg to add new rules without parents into
the tree, properly initializing them and avoiding the crash. This makes
it more consistent with how rules are added to an FTE in
create_flow_handle.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 13

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 4.10 < 4.19.313

Linux ≫ Linux Kernel Version >= 4.20 < 5.4.275

Linux ≫ Linux Kernel Version >= 5.5 < 5.10.216

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.156

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.87

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.28

Linux ≫ Linux Kernel Version >= 6.7 < 6.8.7

Linux ≫ Linux Kernel Version6.9 Updaterc1

Linux ≫ Linux Kernel Version6.9 Updaterc2

Linux ≫ Linux Kernel Version6.9 Updaterc3

Debian ≫ Debian Linux Version10.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.75%	0.817

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Third Party Advisory

Mailing List

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Third Party Advisory

Mailing List

https://git.kernel.org/stable/c/1263b0b26077b1183c3c45a0a2479573a351d423

Patch

https://git.kernel.org/stable/c/2e8dc5cffc844dacfa79f056dea88002312f253f

Patch

https://git.kernel.org/stable/c/3d90ca9145f6b97b38d0c2b6b30f6ca6af9c1801

Patch

https://git.kernel.org/stable/c/5cf5337ef701830f173b4eec00a4f984adeb57a0

Patch

https://git.kernel.org/stable/c/7aaee12b804c5e0374e7b132b6ec2158ff33dd64

Patch

https://git.kernel.org/stable/c/7c6782ad4911cbee874e85630226ed389ff2e453

Patch

https://git.kernel.org/stable/c/adf67a03af39095f05d82050f15813d6f700159d

Patch

https://git.kernel.org/stable/c/de0139719cdda82806a47580ca0df06fc85e0bd2

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-35960

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-35960

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-35960

EUVD