5.5

CVE-2024-36244

net/sched: taprio: extend minimum interval restriction to entire cycle too

In the Linux kernel, the following vulnerability has been resolved:

net/sched: taprio: extend minimum interval restriction to entire cycle too

It is possible for syzbot to side-step the restriction imposed by the
blamed commit in the Fixes: tag, because the taprio UAPI permits a
cycle-time different from (and potentially shorter than) the sum of
entry intervals.

We need one more restriction, which is that the cycle time itself must
be larger than N * ETH_ZLEN bit times, where N is the number of schedule
entries. This restriction needs to apply regardless of whether the cycle
time came from the user or was the implicit, auto-calculated value, so
we move the existing "cycle == 0" check outside the "if "(!new->cycle_time)"
branch. This way covers both conditions and scenarios.

Add a selftest which illustrates the issue triggered by syzbot.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.4.68 < 5.5
LinuxLinux Kernel Version >= 5.8.12 < 5.9
LinuxLinux Kernel Version >= 5.9.1 < 6.1.119
LinuxLinux Kernel Version >= 6.2 < 6.6.33
LinuxLinux Kernel Version >= 6.7 < 6.9.4
LinuxLinux Kernel Version5.9 Update-
LinuxLinux Kernel Version5.9 Updaterc7
LinuxLinux Kernel Version5.9 Updaterc8
LinuxLinux Kernel Version6.10 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.159
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/34d83c3e6e97867ae061d14eb52123404aab1cbc
Patch
https://git.kernel.org/stable/c/91f249b01fe490fce11fbb4307952ca8cce78724
Patch
https://git.kernel.org/stable/c/b939d1e04a90248b4cdf417b0969c270ceb992b2
Patch
https://git.kernel.org/stable/c/fb66df20a7201e60f2b13d7f95d031b31a8831d3
Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html