admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2024/46xxx/CVE-2024-46795.json

135 lines
8.3 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2024-09-11 16:01:06 +00:00
{
"-Synchronized-Data."
2024-09-18 08:00:37 +00:00
"data_version": "4.0",
"-Synchronized-Data."
2024-09-11 16:01:06 +00:00
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-46795",
"-Synchronized-Data."
2024-09-18 08:00:37 +00:00
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
"-Synchronized-Data."
2024-09-11 16:01:06 +00:00
},
"description": {
"description_data": [
{
"lang": "eng",
"-Synchronized-Data."
2024-09-18 08:00:37 +00:00
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: unset the binding mark of a reused connection\n\nSteve French reported null pointer dereference error from sha256 lib.\ncifs.ko can send session setup requests on reused connection.\nIf reused connection is used for binding session, conn->binding can\nstill remain true and generate_preauth_hash() will not set\nsess->Preauth_HashValue and it will be NULL.\nIt is used as a material to create an encryption key in\nksmbd_gen_smb311_encryptionkey. ->Preauth_HashValue cause null pointer\ndereference error from crypto_shash_update().\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n#PF: supervisor read access in kernel mode\n#PF: error_code(0x0000) - not-present page\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 8 PID: 429254 Comm: kworker/8:39\nHardware name: LENOVO 20MAS08500/20MAS08500, BIOS N2CET69W (1.52 )\nWorkqueue: ksmbd-io handle_ksmbd_work [ksmbd]\nRIP: 0010:lib_sha256_base_do_update.isra.0+0x11e/0x1d0 [sha256_ssse3]\n<TASK>\n? show_regs+0x6d/0x80\n? __die+0x24/0x80\n? page_fault_oops+0x99/0x1b0\n? do_user_addr_fault+0x2ee/0x6b0\n? exc_page_fault+0x83/0x1b0\n? asm_exc_page_fault+0x27/0x30\n? __pfx_sha256_transform_rorx+0x10/0x10 [sha256_ssse3]\n? lib_sha256_base_do_update.isra.0+0x11e/0x1d0 [sha256_ssse3]\n? __pfx_sha256_transform_rorx+0x10/0x10 [sha256_ssse3]\n? __pfx_sha256_transform_rorx+0x10/0x10 [sha256_ssse3]\n_sha256_update+0x77/0xa0 [sha256_ssse3]\nsha256_avx2_update+0x15/0x30 [sha256_ssse3]\ncrypto_shash_update+0x1e/0x40\nhmac_update+0x12/0x20\ncrypto_shash_update+0x1e/0x40\ngenerate_key+0x234/0x380 [ksmbd]\ngenerate_smb3encryptionkey+0x40/0x1c0 [ksmbd]\nksmbd_gen_smb311_encryptionkey+0x72/0xa0 [ksmbd]\nntlm_authenticate.isra.0+0x423/0x5d0 [ksmbd]\nsmb2_sess_setup+0x952/0xaa0 [ksmbd]\n__process_request+0xa3/0x1d0 [ksmbd]\n__handle_ksmbd_work+0x1c4/0x2f0 [ksmbd]\nhandle_ksmbd_work+0x2d/0xa0 [ksmbd]\nprocess_one_work+0x16c/0x350\nworker_thread+0x306/0x440\n? __pfx_worker_thread+0x10/0x10\nkthread+0xef/0x120\n? __pfx_kthread+0x10/0x10\nret_from_fork+0x44/0x70\n? __pfx_kthread+0x10/0x10\nret_from_fork_asm+0x1b/0x30\n</TASK>"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "f5a544e3bab7",
"version_value": "9914f1bd61d5"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.15",
"status": "unaffected",
"-Synchronized-Data."
2024-11-05 11:00:58 +00:00
"versionType": "semver"
"-Synchronized-Data."
2024-09-18 08:00:37 +00:00
},
{
"version": "5.15.167",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"-Synchronized-Data."
2024-11-05 11:00:58 +00:00
"versionType": "semver"
"-Synchronized-Data."
2024-09-18 08:00:37 +00:00
},
{
"version": "6.1.110",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"-Synchronized-Data."
2024-11-05 11:00:58 +00:00
"versionType": "semver"
"-Synchronized-Data."
2024-09-18 08:00:37 +00:00
},
{
"version": "6.6.51",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"-Synchronized-Data."
2024-11-05 11:00:58 +00:00
"versionType": "semver"
"-Synchronized-Data."
2024-09-18 08:00:37 +00:00
},
{
"version": "6.10.10",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"-Synchronized-Data."
2024-11-05 11:00:58 +00:00
"versionType": "semver"
"-Synchronized-Data."
2024-09-18 08:00:37 +00:00
},
{
"version": "6.11",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9914f1bd61d5e838bb1ab15a71076d37a6db65d1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9914f1bd61d5e838bb1ab15a71076d37a6db65d1"
},
{
"url": "https://git.kernel.org/stable/c/93d54a4b59c4b3d803d20aa645ab5ca71f3b3b02",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/93d54a4b59c4b3d803d20aa645ab5ca71f3b3b02"
},
{
"url": "https://git.kernel.org/stable/c/41bc256da7e47b679df87c7fc7a5b393052b9cce",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/41bc256da7e47b679df87c7fc7a5b393052b9cce"
},
{
"url": "https://git.kernel.org/stable/c/4c8496f44f5bb5c06cdef5eb130ab259643392a1",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4c8496f44f5bb5c06cdef5eb130ab259643392a1"
},
{
"url": "https://git.kernel.org/stable/c/78c5a6f1f630172b19af4912e755e1da93ef0ab5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/78c5a6f1f630172b19af4912e755e1da93ef0ab5"
"-Synchronized-Data."
2024-09-11 16:01:06 +00:00
}
]
"-Synchronized-Data."
2024-09-18 08:00:37 +00:00
},
"generator": {
"-Synchronized-Data."
2024-11-05 11:00:58 +00:00
"engine": "bippy-9e1c9544281a"
"-Synchronized-Data."
2024-09-11 16:01:06 +00:00
}
}
Reference in New Issue Copy Permalink