admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2024/53xxx/CVE-2024-53097.json
CVE Team 4b32f1bda7
"-Synchronized-Data."
2024-11-25 22:00:37 +00:00

152 lines
8.7 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-53097",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: krealloc: Fix MTE false alarm in __do_krealloc\n\nThis patch addresses an issue introduced by commit 1a83a716ec233 (\"mm:\nkrealloc: consider spare memory for __GFP_ZERO\") which causes MTE\n(Memory Tagging Extension) to falsely report a slab-out-of-bounds error.\n\nThe problem occurs when zeroing out spare memory in __do_krealloc. The\noriginal code only considered software-based KASAN and did not account\nfor MTE. It does not reset the KASAN tag before calling memset, leading\nto a mismatch between the pointer tag and the memory tag, resulting\nin a false positive.\n\nExample of the error:\n==================================================================\nswapper/0: BUG: KASAN: slab-out-of-bounds in __memset+0x84/0x188\nswapper/0: Write at addr f4ffff8005f0fdf0 by task swapper/0/1\nswapper/0: Pointer tag: [f4], memory tag: [fe]\nswapper/0:\nswapper/0: CPU: 4 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.\nswapper/0: Hardware name: MT6991(ENG) (DT)\nswapper/0: Call trace:\nswapper/0: dump_backtrace+0xfc/0x17c\nswapper/0: show_stack+0x18/0x28\nswapper/0: dump_stack_lvl+0x40/0xa0\nswapper/0: print_report+0x1b8/0x71c\nswapper/0: kasan_report+0xec/0x14c\nswapper/0: __do_kernel_fault+0x60/0x29c\nswapper/0: do_bad_area+0x30/0xdc\nswapper/0: do_tag_check_fault+0x20/0x34\nswapper/0: do_mem_abort+0x58/0x104\nswapper/0: el1_abort+0x3c/0x5c\nswapper/0: el1h_64_sync_handler+0x80/0xcc\nswapper/0: el1h_64_sync+0x68/0x6c\nswapper/0: __memset+0x84/0x188\nswapper/0: btf_populate_kfunc_set+0x280/0x3d8\nswapper/0: __register_btf_kfunc_id_set+0x43c/0x468\nswapper/0: register_btf_kfunc_id_set+0x48/0x60\nswapper/0: register_nf_nat_bpf+0x1c/0x40\nswapper/0: nf_nat_init+0xc0/0x128\nswapper/0: do_one_initcall+0x184/0x464\nswapper/0: do_initcall_level+0xdc/0x1b0\nswapper/0: do_initcalls+0x70/0xc0\nswapper/0: do_basic_setup+0x1c/0x28\nswapper/0: kernel_init_freeable+0x144/0x1b8\nswapper/0: kernel_init+0x20/0x1a8\nswapper/0: ret_from_fork+0x10/0x20\n=================================================================="
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c383263ee82a",
"version_value": "8ebee7565eff"
},
{
"version_affected": "<",
"version_name": "a54378585624",
"version_value": "d02492863023"
},
{
"version_affected": "<",
"version_name": "44f79667fefd",
"version_value": "d43f1430d47c"
},
{
"version_affected": "<",
"version_name": "f8767d10bcbc",
"version_value": "486aeb5f1855"
},
{
"version_affected": "<",
"version_name": "e3a9fc1520a6",
"version_value": "71548fada7ee"
},
{
"version_affected": "<",
"version_name": "3e9a65a38706",
"version_value": "3dfb40da84f2"
},
{
"version_affected": "<",
"version_name": "1a83a716ec23",
"version_value": "704573851b51"
},
{
"version_affected": "<",
"version_name": "5.10.227",
"version_value": "5.10.230"
},
{
"version_affected": "<",
"version_name": "5.15.168",
"version_value": "5.15.173"
},
{
"version_affected": "<",
"version_name": "6.1.113",
"version_value": "6.1.118"
},
{
"version_affected": "<",
"version_name": "6.6.55",
"version_value": "6.6.62"
},
{
"version_affected": "<",
"version_name": "6.11.3",
"version_value": "6.11.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/8ebee7565effdeae6085458f8f8463363120a871",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/8ebee7565effdeae6085458f8f8463363120a871"
},
{
"url": "https://git.kernel.org/stable/c/d02492863023431c31f85d570f718433c22b9311",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d02492863023431c31f85d570f718433c22b9311"
},
{
"url": "https://git.kernel.org/stable/c/d43f1430d47c22a0727c05b6f156ed25fecdfeb4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d43f1430d47c22a0727c05b6f156ed25fecdfeb4"
},
{
"url": "https://git.kernel.org/stable/c/486aeb5f1855c75dd810c25036134961bd2a6722",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/486aeb5f1855c75dd810c25036134961bd2a6722"
},
{
"url": "https://git.kernel.org/stable/c/71548fada7ee0eb50cc6ccda82dff010c745f92c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/71548fada7ee0eb50cc6ccda82dff010c745f92c"
},
{
"url": "https://git.kernel.org/stable/c/3dfb40da84f26dd35dd9bbaf626a2424565b8406",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/3dfb40da84f26dd35dd9bbaf626a2424565b8406"
},
{
"url": "https://git.kernel.org/stable/c/704573851b51808b45dae2d62059d1d8189138a2",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/704573851b51808b45dae2d62059d1d8189138a2"
}
]
},
"generator": {
"engine": "bippy-8e903de6a542"
}
}
Reference in New Issue View Git Blame Copy Permalink