In the Linux kernel, the following vulnerability has been resolved:
io_uring: fix error pbuf checking
Syz reports a problem, which boils down to NULL vs IS_ERR inconsistent
error handling in io_alloc_pbuf_ring().
KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
RIP: 0010:__io_remove_buffers+0xac/0x700 io_uring/kbuf.c:341
Call Trace:
<TASK>
io_put_bl io_uring/kbuf.c:378 [inline]
io_destroy_buffers+0x14e/0x490 io_uring/kbuf.c:392
io_ring_ctx_free+0xa00/0x1070 io_uring/io_uring.c:2613
io_ring_exit_work+0x80f/0x8a0 io_uring/io_uring.c:2844
process_one_work kernel/workqueue.c:3231 [inline]
process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3312
worker_thread+0x86d/0xd40 kernel/workqueue.c:3390
kthread+0x2f0/0x390 kernel/kthread.c:389
ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
References
Configurations
Configuration 1 (hide)
|
History
06 Sep 2024, 13:40
Type | Values Removed | Values Added |
---|---|---|
First Time |
Linux linux Kernel
Linux |
|
References | () https://git.kernel.org/stable/c/68d19af95a353f5e2b021602180b65b303eba99d - Patch | |
References | () https://git.kernel.org/stable/c/bcc87d978b834c298bbdd9c52454c5d0a946e97e - Patch | |
CWE | CWE-476 | |
CPE | cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.10:rc5:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.10:rc7:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.10:rc6:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.10:-:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
08 Aug 2024, 13:04
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
08 Aug 2024, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-08 09:15
Updated : 2024-09-06 13:40
NVD link : CVE-2024-42254
Mitre link : CVE-2024-42254
CVE.ORG link : CVE-2024-42254
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-476
NULL Pointer Dereference