CVE-2024-42161

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-42161
In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD [Changes from V1: - Use a default branch in the switch statement to initialize `val'.] GCC warns that `val' may be used uninitialized in the BPF_CRE_READ_BITFIELD macro, defined in bpf_core_read.h as: [...] unsigned long long val; \ [...] \ switch (__CORE_RELO(s, field, BYTE_SIZE)) { \ case 1: val = *(const unsigned char *)p; break; \ case 2: val = *(const unsigned short *)p; break; \ case 4: val = *(const unsigned int *)p; break; \ case 8: val = *(const unsigned long long *)p; break; \ } \ [...] val; \ } \ This patch adds a default entry in the switch statement that sets `val' to zero in order to avoid the warning, and random values to be used in case __builtin_preserve_field_info returns unexpected values for BPF_FIELD_BYTE_SIZE. Tested in bpf-next master. No regressions.

6.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.5

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/009367099eb61a4fc2af44d4eb06b6b4de7de6db Patch
https://git.kernel.org/stable/c/3364c2ed1c241989847f19cf83e3db903ce689e3 Patch
https://git.kernel.org/stable/c/7e5471b5efebc30dd0bc035cda86693a5c73d45f Patch
https://git.kernel.org/stable/c/a21d76bd0b0d39518e9a4c19f6cf7c042a974aff Patch
https://git.kernel.org/stable/c/b694989bb13ed5f166e633faa1eb0f21c6d261a6 Patch
https://git.kernel.org/stable/c/ff941a8449e712eaf7efca1a13bfb9afd3d99fc2 Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
History

25 Sep 2024, 15:54

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.8 		v2 : unknown
v3 : 6.3

05 Aug 2024, 20:19

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.8
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
First Time Linux
Linux linux Kernel
CWE CWE-908
References () https://git.kernel.org/stable/c/009367099eb61a4fc2af44d4eb06b6b4de7de6db - () https://git.kernel.org/stable/c/009367099eb61a4fc2af44d4eb06b6b4de7de6db - Patch
References () https://git.kernel.org/stable/c/3364c2ed1c241989847f19cf83e3db903ce689e3 - () https://git.kernel.org/stable/c/3364c2ed1c241989847f19cf83e3db903ce689e3 - Patch
References () https://git.kernel.org/stable/c/7e5471b5efebc30dd0bc035cda86693a5c73d45f - () https://git.kernel.org/stable/c/7e5471b5efebc30dd0bc035cda86693a5c73d45f - Patch
References () https://git.kernel.org/stable/c/a21d76bd0b0d39518e9a4c19f6cf7c042a974aff - () https://git.kernel.org/stable/c/a21d76bd0b0d39518e9a4c19f6cf7c042a974aff - Patch
References () https://git.kernel.org/stable/c/b694989bb13ed5f166e633faa1eb0f21c6d261a6 - () https://git.kernel.org/stable/c/b694989bb13ed5f166e633faa1eb0f21c6d261a6 - Patch
References () https://git.kernel.org/stable/c/ff941a8449e712eaf7efca1a13bfb9afd3d99fc2 - () https://git.kernel.org/stable/c/ff941a8449e712eaf7efca1a13bfb9afd3d99fc2 - Patch

30 Jul 2024, 13:32

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: Evite el valor no inicializado en BPF_CORE_READ_BITFIELD [Cambios desde V1: - Use una rama predeterminada en la instrucción switch para inicializar `val'.] GCC advierte que `val' puede usarse sin inicializar en la macro BPF_CRE_READ_BITFIELD, definida en bpf_core_read.h como: [...] unsigned long long val; \ [...] \ switch (__CORE_RELO(s, campo, BYTE_SIZE)) { \ case 1: val = *(const unsigned char *)p; break; \ case 2: val = *(const unsigned short *)p; break; \ case 4: val = *(const unsigned int *)p; romper; \ case 8: val = *(const unsigned long long *)p; break; \ } \ [...] val; \ } \ Este parche agrega una entrada predeterminada en la declaración de cambio que establece `val' en cero para evitar la advertencia, y valores aleatorios que se usarán en caso de que __builtin_preserve_field_info devuelva valores inesperados para BPF_FIELD_BYTE_SIZE. Probado en bpf-next master. Sin regresiones.

30 Jul 2024, 08:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-30 08:15

Updated : 2024-09-25 15:54

NVD link : CVE-2024-42161

Mitre link : CVE-2024-42161

CVE.ORG link : CVE-2024-42161

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-908

Use of Uninitialized Resource


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024