In the Linux kernel, the following vulnerability has been resolved:
aoe: fix the potential use-after-free problem in more places
For fixing CVE-2023-6270, f98364e92662 ("aoe: fix the potential
use-after-free problem in aoecmd_cfg_pkts") makes tx() calling dev_put()
instead of doing in aoecmd_cfg_pkts(). It avoids that the tx() runs
into use-after-free.
Then Nicolai Stange found more places in aoe have potential use-after-free
problem with tx(). e.g. revalidate(), aoecmd_ata_rw(), resend(), probe()
and aoecmd_cfg_rsp(). Those functions also use aoenet_xmit() to push
packet to tx queue. So they should also use dev_hold() to increase the
refcnt of skb->dev.
On the other hand, moving dev_put() to tx() causes that the refcnt of
skb->dev be reduced to a negative value, because corresponding
dev_hold() are not called in revalidate(), aoecmd_ata_rw(), resend(),
probe(), and aoecmd_cfg_rsp(). This patch fixed this issue.
References
Configurations
Configuration 1 (hide)
|
History
08 Nov 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Oct 2024, 15:08
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
First Time |
Linux linux Kernel
Linux |
|
References | () https://git.kernel.org/stable/c/07b418d50ccbbca7e5d87a3a0d41d436cefebf79 - Patch | |
References | () https://git.kernel.org/stable/c/6d6e54fc71ad1ab0a87047fd9c211e75d86084a3 - Patch | |
References | () https://git.kernel.org/stable/c/8253a60c89ec35c8f36fb2cc08cdf854c7a3eb58 - Patch | |
References | () https://git.kernel.org/stable/c/89d9a69ae0c667e4d9d028028e2dcc837bae626f - Patch | |
References | () https://git.kernel.org/stable/c/acc5103a0a8c200a52af7d732c36a8477436a3d3 - Patch | |
References | () https://git.kernel.org/stable/c/bc2cbf7525ac288e07d465f5a1d8cb8fb9599254 - Patch | |
References | () https://git.kernel.org/stable/c/f63461af2c1a86af4217910e47a5c46e3372e645 - Patch | |
CWE | CWE-416 | |
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.4.273:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:4.19.311:*:*:*:*:*:*:* |
23 Oct 2024, 15:13
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
21 Oct 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-21 18:15
Updated : 2024-11-08 16:15
NVD link : CVE-2024-49982
Mitre link : CVE-2024-49982
CVE.ORG link : CVE-2024-49982
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-416
Use After Free