nvd-json-data-feeds/CVE-2024/CVE-2024-501xx/CVE-2024-50142.json

{
  "id": "CVE-2024-50142",
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "published": "2024-11-07T10:15:06.170",
  "lastModified": "2024-11-08T19:01:03.880",
  "vulnStatus": "Undergoing Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: validate new SA's prefixlen using SA family when sel.family is unset\n\nThis expands the validation introduced in commit 07bf7908950a (\"xfrm:\nValidate address prefix lengths in the xfrm selector.\")\n\nsyzbot created an SA with\n    usersa.sel.family = AF_UNSPEC\n    usersa.sel.prefixlen_s = 128\n    usersa.family = AF_INET\n\nBecause of the AF_UNSPEC selector, verify_newsa_info doesn't put\nlimits on prefixlen_{s,d}. But then copy_from_user_state sets\nx->sel.family to usersa.family (AF_INET). Do the same conversion in\nverify_newsa_info before validating prefixlen_{s,d}, since that's how\nprefixlen is going to be used later on."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: xfrm: validar el prefijo de la nueva SA usando la familia de SA cuando sel.family no est\u00e1 configurado Esto expande la validaci\u00f3n introducida en el commit 07bf7908950a (\"xfrm: validar las longitudes de prefijo de direcci\u00f3n en el selector xfrm\"). syzbot cre\u00f3 una SA con usersa.sel.family = AF_UNSPEC usersa.sel.prefixlen_s = 128 usersa.family = AF_INET Debido al selector AF_UNSPEC, verificar_newsa_info no pone l\u00edmites en prefixlen_{s,d}. Pero luego copy_from_user_state establece x-&gt;sel.family en usersa.family (AF_INET). Realice la misma conversi\u00f3n en verificar_newsa_info antes de validar prefixlen_{s,d}, ya que as\u00ed es como se usar\u00e1 prefixlen m\u00e1s adelante."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://git.kernel.org/stable/c/2d08a6c31c65f23db71a5385ee9cf9d8f9a67a71",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/3f0ab59e6537c6a8f9e1b355b48f9c05a76e8563",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/401ad99a5ae7180dd9449eac104cb755f442e7f3",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/7d9868180bd1e4cf37e7c5067362658971162366",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/8df5cd51fd70c33aa1776e5cbcd82b0a86649d73",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/bce1afaa212ec380bf971614f70909a27882b862",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/e68dd80ba498265d2266b12dc3459164f4ff0c4a",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/f31398570acf0f0804c644006f7bfa9067106b0a",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    }
  ]
}
Auto-Update: 2024-11-07T11:00:20.028274+00:00 2024-11-07 11:03:21 +00:00			`{`
			`"id": "CVE-2024-50142",`
			`"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",`
			`"published": "2024-11-07T10:15:06.170",`
Auto-Update: 2024-11-08T21:00:20.824687+00:00 2024-11-08 21:03:24 +00:00			`"lastModified": "2024-11-08T19:01:03.880",`
Auto-Update: 2024-11-17T03:00:18.815482+00:00 2024-11-17 03:03:21 +00:00			`"vulnStatus": "Undergoing Analysis",`
Auto-Update: 2024-11-07T11:00:20.028274+00:00 2024-11-07 11:03:21 +00:00			`"cveTags": [],`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: validate new SA's prefixlen using SA family when sel.family is unset\n\nThis expands the validation introduced in commit 07bf7908950a (\"xfrm:\nValidate address prefix lengths in the xfrm selector.\")\n\nsyzbot created an SA with\n usersa.sel.family = AF_UNSPEC\n usersa.sel.prefixlen_s = 128\n usersa.family = AF_INET\n\nBecause of the AF_UNSPEC selector, verify_newsa_info doesn't put\nlimits on prefixlen_{s,d}. But then copy_from_user_state sets\nx->sel.family to usersa.family (AF_INET). Do the same conversion in\nverify_newsa_info before validating prefixlen_{s,d}, since that's how\nprefixlen is going to be used later on."
Auto-Update: 2024-11-08T17:00:26.454342+00:00 2024-11-08 17:03:28 +00:00			`},`
			`{`
			`"lang": "es",`
			"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: xfrm: validar el prefijo de la nueva SA usando la familia de SA cuando sel.family no est\u00e1 configurado Esto expande la validaci\u00f3n introducida en el commit 07bf7908950a (\"xfrm: validar las longitudes de prefijo de direcci\u00f3n en el selector xfrm\"). syzbot cre\u00f3 una SA con usersa.sel.family = AF_UNSPEC usersa.sel.prefixlen_s = 128 usersa.family = AF_INET Debido al selector AF_UNSPEC, verificar_newsa_info no pone l\u00edmites en prefixlen_{s,d}. Pero luego copy_from_user_state establece x->sel.family en usersa.family (AF_INET). Realice la misma conversi\u00f3n en verificar_newsa_info antes de validar prefixlen_{s,d}, ya que as\u00ed es como se usar\u00e1 prefixlen m\u00e1s adelante."
Auto-Update: 2024-11-07T11:00:20.028274+00:00 2024-11-07 11:03:21 +00:00			`}`
			`],`
			`"metrics": {},`
			`"references": [`
			`{`
			`"url": "https://git.kernel.org/stable/c/2d08a6c31c65f23db71a5385ee9cf9d8f9a67a71",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
			`{`
			`"url": "https://git.kernel.org/stable/c/3f0ab59e6537c6a8f9e1b355b48f9c05a76e8563",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
Auto-Update: 2024-11-08T17:00:26.454342+00:00 2024-11-08 17:03:28 +00:00			`{`
			`"url": "https://git.kernel.org/stable/c/401ad99a5ae7180dd9449eac104cb755f442e7f3",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
Auto-Update: 2024-11-07T11:00:20.028274+00:00 2024-11-07 11:03:21 +00:00			`{`
			`"url": "https://git.kernel.org/stable/c/7d9868180bd1e4cf37e7c5067362658971162366",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
Auto-Update: 2024-11-08T17:00:26.454342+00:00 2024-11-08 17:03:28 +00:00			`{`
			`"url": "https://git.kernel.org/stable/c/8df5cd51fd70c33aa1776e5cbcd82b0a86649d73",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
Auto-Update: 2024-11-07T11:00:20.028274+00:00 2024-11-07 11:03:21 +00:00			`{`
			`"url": "https://git.kernel.org/stable/c/bce1afaa212ec380bf971614f70909a27882b862",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
			`{`
			`"url": "https://git.kernel.org/stable/c/e68dd80ba498265d2266b12dc3459164f4ff0c4a",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
Auto-Update: 2024-11-08T17:00:26.454342+00:00 2024-11-08 17:03:28 +00:00			`},`
			`{`
			`"url": "https://git.kernel.org/stable/c/f31398570acf0f0804c644006f7bfa9067106b0a",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
Auto-Update: 2024-11-07T11:00:20.028274+00:00 2024-11-07 11:03:21 +00:00			`}`
			`]`
			`}`