nvd-json-data-feeds/CVE-2024/CVE-2024-530xx/CVE-2024-53065.json

{
  "id": "CVE-2024-53065",
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "published": "2024-11-19T18:15:26.333",
  "lastModified": "2024-11-25T21:04:38.343",
  "vulnStatus": "Analyzed",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/slab: fix warning caused by duplicate kmem_cache creation in kmem_buckets_create\n\nCommit b035f5a6d852 (\"mm: slab: reduce the kmalloc() minimum alignment\nif DMA bouncing possible\") reduced ARCH_KMALLOC_MINALIGN to 8 on arm64.\nHowever, with KASAN_HW_TAGS enabled, arch_slab_minalign() becomes 16.\nThis causes kmalloc_caches[*][8] to be aliased to kmalloc_caches[*][16],\nresulting in kmem_buckets_create() attempting to create a kmem_cache for\nsize 16 twice. This duplication triggers warnings on boot:\n\n[    2.325108] ------------[ cut here ]------------\n[    2.325135] kmem_cache of name 'memdup_user-16' already exists\n[    2.325783] WARNING: CPU: 0 PID: 1 at mm/slab_common.c:107 __kmem_cache_create_args+0xb8/0x3b0\n[    2.327957] Modules linked in:\n[    2.328550] CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-rc5mm-unstable-arm64+ #12\n[    2.328683] Hardware name: QEMU QEMU Virtual Machine, BIOS 2024.02-2 03/11/2024\n[    2.328790] pstate: 61000009 (nZCv daif -PAN -UAO -TCO +DIT -SSBS BTYPE=--)\n[    2.328911] pc : __kmem_cache_create_args+0xb8/0x3b0\n[    2.328930] lr : __kmem_cache_create_args+0xb8/0x3b0\n[    2.328942] sp : ffff800083d6fc50\n[    2.328961] x29: ffff800083d6fc50 x28: f2ff0000c1674410 x27: ffff8000820b0598\n[    2.329061] x26: 000000007fffffff x25: 0000000000000010 x24: 0000000000002000\n[    2.329101] x23: ffff800083d6fce8 x22: ffff8000832222e8 x21: ffff800083222388\n[    2.329118] x20: f2ff0000c1674410 x19: f5ff0000c16364c0 x18: ffff800083d80030\n[    2.329135] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\n[    2.329152] x14: 0000000000000000 x13: 0a73747369786520 x12: 79646165726c6120\n[    2.329169] x11: 656820747563205b x10: 2d2d2d2d2d2d2d2d x9 : 0000000000000000\n[    2.329194] x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n[    2.329210] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\n[    2.329226] x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\n[    2.329291] Call trace:\n[    2.329407]  __kmem_cache_create_args+0xb8/0x3b0\n[    2.329499]  kmem_buckets_create+0xfc/0x320\n[    2.329526]  init_user_buckets+0x34/0x78\n[    2.329540]  do_one_initcall+0x64/0x3c8\n[    2.329550]  kernel_init_freeable+0x26c/0x578\n[    2.329562]  kernel_init+0x3c/0x258\n[    2.329574]  ret_from_fork+0x10/0x20\n[    2.329698] ---[ end trace 0000000000000000 ]---\n\n[    2.403704] ------------[ cut here ]------------\n[    2.404716] kmem_cache of name 'msg_msg-16' already exists\n[    2.404801] WARNING: CPU: 2 PID: 1 at mm/slab_common.c:107 __kmem_cache_create_args+0xb8/0x3b0\n[    2.404842] Modules linked in:\n[    2.404971] CPU: 2 UID: 0 PID: 1 Comm: swapper/0 Tainted: G        W          6.12.0-rc5mm-unstable-arm64+ #12\n[    2.405026] Tainted: [W]=WARN\n[    2.405043] Hardware name: QEMU QEMU Virtual Machine, BIOS 2024.02-2 03/11/2024\n[    2.405057] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[    2.405079] pc : __kmem_cache_create_args+0xb8/0x3b0\n[    2.405100] lr : __kmem_cache_create_args+0xb8/0x3b0\n[    2.405111] sp : ffff800083d6fc50\n[    2.405115] x29: ffff800083d6fc50 x28: fbff0000c1674410 x27: ffff8000820b0598\n[    2.405135] x26: 000000000000ffd0 x25: 0000000000000010 x24: 0000000000006000\n[    2.405153] x23: ffff800083d6fce8 x22: ffff8000832222e8 x21: ffff800083222388\n[    2.405169] x20: fbff0000c1674410 x19: fdff0000c163d6c0 x18: ffff800083d80030\n[    2.405185] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\n[    2.405201] x14: 0000000000000000 x13: 0a73747369786520 x12: 79646165726c6120\n[    2.405217] x11: 656820747563205b x10: 2d2d2d2d2d2d2d2d x9 : 0000000000000000\n[    2.405233] x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n[    2.405248] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\n[    2.405271] x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\n[    2.405287] Call trace:\n[    2\n---truncated---"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/slab: se corrige la advertencia causada por la creaci\u00f3n duplicada de kmem_cache en kmem_buckets_create. el commit b035f5a6d852 (\"mm: slab: reduce la alineaci\u00f3n m\u00ednima de kmalloc() si es posible el rebote de DMA\") redujo ARCH_KMALLOC_MINALIGN a 8 en arm64. Sin embargo, con KASAN_HW_TAGS habilitado, arch_slab_minalign() se convierte en 16. Esto hace que kmalloc_caches[*][8] se asocie a kmalloc_caches[*][16], lo que hace que kmem_buckets_create() intente crear un kmem_cache para el tama\u00f1o 16 dos veces. Esta duplicaci\u00f3n activa advertencias en el arranque: [ 2.325108] ------------[ cortar aqu\u00ed ]------------ [ 2.325135] kmem_cache con el nombre 'memdup_user-16' ya existe [ 2.325783] ADVERTENCIA: CPU: 0 PID: 1 en mm/slab_common.c:107 __kmem_cache_create_args+0xb8/0x3b0 [ 2.327957] M\u00f3dulos vinculados en: [ 2.328550] CPU: 0 UID: 0 PID: 1 Comm: swapper/0 No contaminado 6.12.0-rc5mm-unstable-arm64+ #12 [ 2.328683] Nombre del hardware: QEMU QEMU Virtual Machine, BIOS 2024.02-2 03/11/2024 [ 2.328790] pstate: 61000009 (nZCv daif -PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 2.328911] pc : __kmem_cache_create_args+0xb8/0x3b0 [ 2.328930] lr : __kmem_cache_create_args+0xb8/0x3b0 [ 2.328942] sp : ffff800083d6fc50 [ 2.328961] x29: ffff800083d6fc50 x28: f2ff0000c1674410 x27: ffff8000820b0598 [ 2.329061] x26: 000000007fffffff x25: 0000000000000010 x24: 00000000000002000 [ 2.329101] x23: ffff800083d6fce8 x22: ffff8000832222e8 x21: ffff800083222388 [ 2.329118] x20: f2ff0000c1674410 x19: f5ff0000c16364c0 x18: ffff800083d80030 [ 2.329135] x17: 000000000000000 x16: 0000000000000000 x15: 0000000000000000 [ 2.329152] x14: 0000000000000000 x13: 0a73747369786520 x12: 79646165726c6120 [ 2.329169] x11: 205b x10: 2d2d2d2d2d2d2d2d x9 : 00000000000000000 [ 2.329194] x8 : 0000000000000000 x7 : 00000000000000000 x6 : 0000000000000000 [ 2.329210] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000 [ 2.329226] x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000 [ 2.329291] Rastreo de llamadas: [ 2.329407] __kmem_cache_create_args+0xb8/0x3b0 [ 2.329499] kmem_buckets_create+0xfc/0x320 [ 2.329526] init_user_buckets+0x34/0x78 [ 2.329540] do_one_initcall+0x64/0x3c8 [ 2.329550] kernel_init_freeable+0x26c/0x578 [ 2.329562] kernel_init+0x3c/0x258 [ 2.329574] ret_from_fork+0x10/0x20 [ 2.329698] ---[ fin de seguimiento 000000000000000 ]--- [ 2.403704] ------------[ cortar aqu\u00ed ]------------ [ 2.404716] kmem_cache del nombre 'msg_msg-16' ya existe [ 2.404801] ADVERTENCIA: CPU: 2 PID: 1 en mm/slab_common.c:107 __kmem_cache_create_args+0xb8/0x3b0 [ 2.404842] M\u00f3dulos vinculados en: [ 2.404971] CPU: 2 UID: 0 PID: 1 Comm: swapper/0 Contaminado: GW 6.12.0-rc5mm-unstable-arm64+ #12 [ 2.405026] Contaminado: [W]=WARN [ 2.405043] Nombre del hardware: QEMU QEMU Virtual Machine, BIOS 2024.02-2 03/11/2024 [ 2.405057] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 2.405079] pc : __kmem_cache_create_args+0xb8/0x3b0 [ 2.405100] lr : __kmem_cache_create_args+0xb8/0x3b0 [ 2.405111] sp : ffff800083d6fc50 [ 2.405115] x29: ffff800083d6fc50 x28: fbff0000c1674410 x27: ffff8000820b0598 [ 2.405135] x26: 000000000000ffd0 x25: 000000000000010 x24: 0000000000006000 [ 2.405153] x23: ffff800083d6fce8 x22: ffff8000832222e8 x21: ffff800083222388 [ 2.405169] x20: fbff0000c1674410 x19: fdff0000c163d6c0 x18: ffff800083d80030 [ 2.405185] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000 [ 2.405201] x14: 0000000000000000 x13: 0a73747369786520 x12: 79646165726c6120 [ 2.405217] x11: 656820747563205b x10: 2d2d2d2d2d2d2d2d x9 : 0000000000000000 [ 2.405233] x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000 [ 2.405248] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000 [ 2.405271] x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000 [ 2.405287] Rastreo de llamada: [ 2 ---truncado---"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "6.11",
              "versionEndExcluding": "6.11.8",
              "matchCriteriaId": "728427FE-4653-45EF-AA11-DA6A6AF58B8F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "24B88717-53F5-42AA-9B72-14C707639E3F"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://git.kernel.org/stable/c/1b47f9febf48641d3530ec877f4d0995c58e6b73",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ]
    },
    {
      "url": "https://git.kernel.org/stable/c/9c9201afebea1efc7ea4b8f721ee18a05bb8aca1",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ]
    }
  ]
}