cve/2024/CVE-2024-43846.md
2025-09-29 21:09:30 +02:00

CVE-2024-43846

Description

In the Linux kernel, the following vulnerability has been resolved:

lib: objagg: Fix general protection fault

The library supports aggregation of objects into other objects only if the parent object does not have a parent itself. That is, nesting is not supported.

Aggregation happens in two cases: Without and with hints, where hints are a pre-computed recommendation on how to aggregate the provided objects.

Nesting is not possible in the first case due to a check that prevents it, but in the second case there is no check because the assumption is that nesting cannot happen when creating objects based on hints. The violation of this assumption leads to various warnings and eventually to a general protection fault [1].

Before fixing the root cause, error out when nesting happens and warn.

[1]
general protection fault, probably for non-canonical address 0xdead000000000d90: 0000 [#1] PREEMPT SMP PTI
CPU: 1 PID: 1083 Comm: kworker/1:9 Tainted: G W 6.9.0-rc6-custom-gd9b4f1cca7fb #7
Hardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019
Workqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work
RIP: 0010:mlxsw_sp_acl_erp_bf_insert+0x25/0x80
[...]
Call Trace:
 mlxsw_sp_acl_atcam_entry_add+0x256/0x3c0
 mlxsw_sp_acl_tcam_entry_create+0x5e/0xa0
 mlxsw_sp_acl_tcam_vchunk_migrate_one+0x16b/0x270
 mlxsw_sp_acl_tcam_vregion_rehash_work+0xbe/0x510
 process_one_work+0x151/0x370
 worker_thread+0x2cb/0x3e0
 kthread+0xd0/0x100
 ret_from_fork+0x34/0x50
 ret_from_fork_asm+0x1a/0x30

POC

Reference

No PoCs from references.

Github