CVE-2024-57934

Severity CVSS v4.0:
Pending analysis
Type:
CWE-476 NULL Pointer Dereference
Publication date:
21/01/2025
Last modified:
03/02/2025

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> fgraph: Add READ_ONCE() when accessing fgraph_array[]<br /> <br /> In __ftrace_return_to_handler(), a loop iterates over the fgraph_array[]<br /> elements, which are fgraph_ops. The loop checks if an element is a<br /> fgraph_stub to prevent using a fgraph_stub afterward.<br /> <br /> However, if the compiler reloads fgraph_array[] after this check, it might<br /> race with an update to fgraph_array[] that introduces a fgraph_stub. This<br /> could result in the stub being processed, but the stub contains a null<br /> "func_hash" field, leading to a NULL pointer dereference.<br /> <br /> To ensure that the gops compared against the fgraph_stub matches the gops<br /> processed later, add a READ_ONCE(). A similar patch appears in commit<br /> 63a8dfb ("function_graph: Add READ_ONCE() when accessing fgraph_array[]").

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.11 (including) 6.12.9 (excluding)
cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*