5.5

CVE-2024-36270

netfilter: tproxy: bail out if IP has been disabled on the device

In the Linux kernel, the following vulnerability has been resolved:

netfilter: tproxy: bail out if IP has been disabled on the device

syzbot reports:
general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN PTI
KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]
[..]
RIP: 0010:nf_tproxy_laddr4+0xb7/0x340 net/ipv4/netfilter/nf_tproxy_ipv4.c:62
Call Trace:
 nft_tproxy_eval_v4 net/netfilter/nft_tproxy.c:56 [inline]
 nft_tproxy_eval+0xa9a/0x1a00 net/netfilter/nft_tproxy.c:168

__in_dev_get_rcu() can return NULL, so check for this.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.37 < 5.4.278
LinuxLinux Kernel Version >= 5.5 < 5.10.219
LinuxLinux Kernel Version >= 5.11 < 5.15.161
LinuxLinux Kernel Version >= 5.16 < 6.1.93
LinuxLinux Kernel Version >= 6.2 < 6.6.33
LinuxLinux Kernel Version >= 6.7 < 6.9.4
LinuxLinux Kernel Version6.10 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.26% 0.169
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/07eeedafc59c45fe5de43958128542be3784764c
Patch
https://git.kernel.org/stable/c/10f0af5234dafd03d2b75233428ec3f11cf7e43d
Patch
https://git.kernel.org/stable/c/21a673bddc8fd4873c370caf9ae70ffc6d47e8d3
Patch
https://git.kernel.org/stable/c/570b4c52096e62fda562448f5760fd0ff06110f0
Patch
https://git.kernel.org/stable/c/6fe5af4ff06db3d4d80e07a19356640428159f03
Patch
https://git.kernel.org/stable/c/819bfeca16eb9ad647ddcae25e7e12c30612147c
Patch
https://git.kernel.org/stable/c/caf3a8afb5ea00db6d5398adf148d5534615fd80
Patch
https://cert-portal.siemens.com/productcert/html/ssa-265688.html
https://cert-portal.siemens.com/productcert/html/ssa-613116.html