CVE-2024-43846

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> lib: objagg: Fix general protection fault<br /> <br /> The library supports aggregation of objects into other objects only if<br /> the parent object does not have a parent itself. That is, nesting is not<br /> supported.<br /> <br /> Aggregation happens in two cases: Without and with hints, where hints<br /> are a pre-computed recommendation on how to aggregate the provided<br /> objects.<br /> <br /> Nesting is not possible in the first case due to a check that prevents<br /> it, but in the second case there is no check because the assumption is<br /> that nesting cannot happen when creating objects based on hints. The<br /> violation of this assumption leads to various warnings and eventually to<br /> a general protection fault [1].<br /> <br /> Before fixing the root cause, error out when nesting happens and warn.<br /> <br /> [1]<br /> general protection fault, probably for non-canonical address 0xdead000000000d90: 0000 [#1] PREEMPT SMP PTI<br /> CPU: 1 PID: 1083 Comm: kworker/1:9 Tainted: G W 6.9.0-rc6-custom-gd9b4f1cca7fb #7<br /> Hardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019<br /> Workqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work<br /> RIP: 0010:mlxsw_sp_acl_erp_bf_insert+0x25/0x80<br /> [...]<br /> Call Trace:<br /> <br /> mlxsw_sp_acl_atcam_entry_add+0x256/0x3c0<br /> mlxsw_sp_acl_tcam_entry_create+0x5e/0xa0<br /> mlxsw_sp_acl_tcam_vchunk_migrate_one+0x16b/0x270<br /> mlxsw_sp_acl_tcam_vregion_rehash_work+0xbe/0x510<br /> process_one_work+0x151/0x370<br /> worker_thread+0x2cb/0x3e0<br /> kthread+0xd0/0x100<br /> ret_from_fork+0x34/0x50<br /> ret_from_fork_asm+0x1a/0x30<br />