admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-530xx/CVE-2024-53091.json
cad-safe-bot d546e05b23 Auto-Update: 2024-12-24T15:00:19.932028+00:00
2024-12-24 15:03:43 +00:00

138 lines
6.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-53091",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-21T19:15:12.177",
"lastModified": "2024-12-24T14:55:45.720",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx\n\nAs the introduction of the support for vsock and unix sockets in sockmap,\ntls_sw_has_ctx_tx/rx cannot presume the socket passed in must be IS_ICSK.\nvsock and af_unix sockets have vsock_sock and unix_sock instead of\ninet_connection_sock. For these sockets, tls_get_ctx may return an invalid\npointer and cause page fault in function tls_sw_ctx_rx.\n\nBUG: unable to handle page fault for address: 0000000000040030\nWorkqueue: vsock-loopback vsock_loopback_work\nRIP: 0010:sk_psock_strp_data_ready+0x23/0x60\nCall Trace:\n ? __die+0x81/0xc3\n ? no_context+0x194/0x350\n ? do_page_fault+0x30/0x110\n ? async_page_fault+0x3e/0x50\n ? sk_psock_strp_data_ready+0x23/0x60\n virtio_transport_recv_pkt+0x750/0x800\n ? update_load_avg+0x7e/0x620\n vsock_loopback_work+0xd0/0x100\n process_one_work+0x1a7/0x360\n worker_thread+0x30/0x390\n ? create_worker+0x1a0/0x1a0\n kthread+0x112/0x130\n ? __kthread_cancel_work+0x40/0x40\n ret_from_fork+0x1f/0x40\n\nv2:\n - Add IS_ICSK check\nv3:\n - Update the commits in Fixes"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: Agregar comprobaci\u00f3n de sk_is_inet e IS_ICSK en tls_sw_has_ctx_tx/rx Como la introducci\u00f3n del soporte para vsock y sockets unix en sockmap, tls_sw_has_ctx_tx/rx no puede presumir que el socket pasado debe ser IS_ICSK. Los sockets vsock y af_unix tienen vsock_sock y unix_sock en lugar de inet_connection_sock. Para estos sockets, tls_get_ctx puede devolver un puntero no v\u00e1lido y causar un error de p\u00e1gina en la funci\u00f3n tls_sw_ctx_rx. ERROR: no se puede manejar el error de p\u00e1gina para la direcci\u00f3n: 0000000000040030 Workqueue: vsock-loopback vsock_loopback_work RIP: 0010:sk_psock_strp_data_ready+0x23/0x60 Call Trace: ? __die+0x81/0xc3 ? no_context+0x194/0x350 ? do_page_fault+0x30/0x110 ? async_page_fault+0x3e/0x50 ? sk_psock_strp_data_ready+0x23/0x60 virtio_transport_recv_pkt+0x750/0x800 ? update_load_avg+0x7e/0x620 vsock_loopback_work+0xd0/0x100 process_one_work+0x1a7/0x360 worker_thread+0x30/0x390 ? create_worker+0x1a0/0x1a0 kthread+0x112/0x130 ? __kthread_cancel_work+0x40/0x40 ret_from_fork+0x1f/0x40 v2: - Add IS_ICSK check v3: - Update the commits in Fixes"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "6.6.62",
"matchCriteriaId": "D16ADAC8-D39A-40A8-BB83-2F61D51C3E08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.11.9",
"matchCriteriaId": "759504D4-BE53-492C-BA9B-70F6A9F409CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*",
"matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*",
"matchCriteriaId": "24B88717-53F5-42AA-9B72-14C707639E3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc7:*:*:*:*:*:*",
"matchCriteriaId": "1EF8CD82-1EAE-4254-9545-F85AB94CF90F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/44d0469f79bd3d0b3433732877358df7dc6b17b1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6781cfa93a6a1b7f5be6819a5a2dd8f30f47ca26",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a078a480ff3f43d74d8a024ae10c3c7daf6db149",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink