Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

CVE-2024-44984

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
04/09/2024
Last modified:
10/10/2024

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> bnxt_en: Fix double DMA unmapping for XDP_REDIRECT<br /> <br /> Remove the dma_unmap_page_attrs() call in the driver&amp;#39;s XDP_REDIRECT<br /> code path. This should have been removed when we let the page pool<br /> handle the DMA mapping. This bug causes the warning:<br /> <br /> WARNING: CPU: 7 PID: 59 at drivers/iommu/dma-iommu.c:1198 iommu_dma_unmap_page+0xd5/0x100<br /> CPU: 7 PID: 59 Comm: ksoftirqd/7 Tainted: G W 6.8.0-1010-gcp #11-Ubuntu<br /> Hardware name: Dell Inc. PowerEdge R7525/0PYVT1, BIOS 2.15.2 04/02/2024<br /> RIP: 0010:iommu_dma_unmap_page+0xd5/0x100<br /> Code: 89 ee 48 89 df e8 cb f2 69 ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d 31 c0 31 d2 31 c9 31 f6 31 ff 45 31 c0 e9 ab 17 71 00 0b 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d 31 c0 31 d2 31 c9<br /> RSP: 0018:ffffab1fc0597a48 EFLAGS: 00010246<br /> RAX: 0000000000000000 RBX: ffff99ff838280c8 RCX: 0000000000000000<br /> RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000<br /> RBP: ffffab1fc0597a78 R08: 0000000000000002 R09: ffffab1fc0597c1c<br /> R10: ffffab1fc0597cd3 R11: ffff99ffe375acd8 R12: 00000000e65b9000<br /> R13: 0000000000000050 R14: 0000000000001000 R15: 0000000000000002<br /> FS: 0000000000000000(0000) GS:ffff9a06efb80000(0000) knlGS:0000000000000000<br /> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033<br /> CR2: 0000565c34c37210 CR3: 00000005c7e3e000 CR4: 0000000000350ef0<br /> ? show_regs+0x6d/0x80<br /> ? __warn+0x89/0x150<br /> ? iommu_dma_unmap_page+0xd5/0x100<br /> ? report_bug+0x16a/0x190<br /> ? handle_bug+0x51/0xa0<br /> ? exc_invalid_op+0x18/0x80<br /> ? iommu_dma_unmap_page+0xd5/0x100<br /> ? iommu_dma_unmap_page+0x35/0x100<br /> dma_unmap_page_attrs+0x55/0x220<br /> ? bpf_prog_4d7e87c0d30db711_xdp_dispatcher+0x64/0x9f<br /> bnxt_rx_xdp+0x237/0x520 [bnxt_en]<br /> bnxt_rx_pkt+0x640/0xdd0 [bnxt_en]<br /> __bnxt_poll_work+0x1a1/0x3d0 [bnxt_en]<br /> bnxt_poll+0xaa/0x1e0 [bnxt_en]<br /> __napi_poll+0x33/0x1e0<br /> net_rx_action+0x18a/0x2f0

Impact

Vector 3.x
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS v3.1 Severity and Metrics:

Base Score: 5.50 MEDIUM
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): None
Integrity (I): None
Availability (A): High

Base Score 3.x
5.50
Severity 3.x
MEDIUM

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.6 (including) 6.6.48 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.7 (including) 6.10.7 (excluding)
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*

To consult the complete list of CPE names with products and versions, see this page


References to Advisories, Solutions, and Tools