nvd-json-data-feeds/CVE-2024/CVE-2024-438xx/CVE-2024-43890.json

{
  "id": "CVE-2024-43890",
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "published": "2024-08-26T11:15:04.040",
  "lastModified": "2024-09-05T18:48:30.320",
  "vulnStatus": "Analyzed",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix overflow in get_free_elt()\n\n\"tracing_map->next_elt\" in get_free_elt() is at risk of overflowing.\n\nOnce it overflows, new elements can still be inserted into the tracing_map\neven though the maximum number of elements (`max_elts`) has been reached.\nContinuing to insert elements after the overflow could result in the\ntracing_map containing \"tracing_map->max_size\" elements, leaving no empty\nentries.\nIf any attempt is made to insert an element into a full tracing_map using\n`__tracing_map_insert()`, it will cause an infinite loop with preemption\ndisabled, leading to a CPU hang problem.\n\nFix this by preventing any further increments to \"tracing_map->next_elt\"\nonce it reaches \"tracing_map->max_elt\"."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: rastreo: corrige el desbordamiento en get_free_elt() \"tracing_map->next_elt\" en get_free_elt() corre el riesgo de desbordarse. Una vez que se desborda, a\u00fan se pueden insertar nuevos elementos en tracing_map aunque se haya alcanzado el n\u00famero m\u00e1ximo de elementos (`max_elts`). Continuar insertando elementos despu\u00e9s del desbordamiento podr\u00eda dar como resultado que tracing_map contenga elementos \"tracing_map->max_size\", sin dejar entradas vac\u00edas. Si se intenta insertar un elemento en un tracing_map completo usando `__tracing_map_insert()`, se producir\u00e1 un bucle infinito con la preferencia deshabilitada, lo que provocar\u00e1 un problema de bloqueo de la CPU. Solucione este problema evitando incrementos adicionales en \"tracing_map->next_elt\" una vez que llegue a \"tracing_map->max_elt\"."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "4.7",
              "versionEndExcluding": "4.19.320",
              "matchCriteriaId": "A5445A05-438F-486B-AA08-94074DAF4196"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "4.20",
              "versionEndExcluding": "5.4.282",
              "matchCriteriaId": "A8961D98-9ACF-4188-BA88-44038B14BC28"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "5.5",
              "versionEndExcluding": "5.10.224",
              "matchCriteriaId": "5CCEDF13-293D-4E64-B501-4409D0365AFE"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "5.11",
              "versionEndExcluding": "5.15.165",
              "matchCriteriaId": "B4E2B568-3171-41DE-B519-F2B1A3600D94"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "5.16",
              "versionEndExcluding": "6.1.105",
              "matchCriteriaId": "89BEB24B-0F37-4C92-A397-564DA7CD8EE9"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "6.2",
              "versionEndExcluding": "6.6.46",
              "matchCriteriaId": "FA11941E-81FB-484C-B583-881EEB488340"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "6.7",
              "versionEndExcluding": "6.10.5",
              "matchCriteriaId": "D074AE50-4A5E-499C-A2FD-75FD60DEA560"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://git.kernel.org/stable/c/236bb4690773ab6869b40bedc7bc8d889e36f9d6",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ]
    },
    {
      "url": "https://git.kernel.org/stable/c/302ceb625d7b990db205a15e371f9a71238de91c",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ]
    },
    {
      "url": "https://git.kernel.org/stable/c/788ea62499b3c18541fd6d621964d8fafbc4aec5",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ]
    },
    {
      "url": "https://git.kernel.org/stable/c/a172c7b22bc2feaf489cfc6d6865f7237134fdf8",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ]
    },
    {
      "url": "https://git.kernel.org/stable/c/bcf86c01ca4676316557dd482c8416ece8c2e143",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ]
    },
    {
      "url": "https://git.kernel.org/stable/c/cd10d186a5409a1fe6e976df82858e9773a698da",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ]
    },
    {
      "url": "https://git.kernel.org/stable/c/d3e4dbc2858fe85d1dbd2e72a9fc5dea988b5c18",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ]
    },
    {
      "url": "https://git.kernel.org/stable/c/eb223bf01e688dfe37e813c8988ee11c8c9f8d0a",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ]
    }
  ]
}