CVE-2024-27393
xen-netfront: Add missing skb_mark_for_recycle
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
xen-netfront: Add missing skb_mark_for_recycle
Notice that skb_mark_for_recycle() is introduced later than fixes tag in
commit 6a5bcd84e886 ("page_pool: Allow drivers to hint on SKB recycling").
It is believed that fixes tag were missing a call to page_pool_release_page()
between v5.9 to v5.14, after which is should have used skb_mark_for_recycle().
Since v6.6 the call page_pool_release_page() were removed (in
commit 535b9c61bdef ("net: page_pool: hide page_pool_release_page()")
and remaining callers converted (in commit 6bfef2ec0172 ("Merge branch
'net-page_pool-remove-page_pool_release_page'")).
This leak became visible in v6.8 via commit dba1b8a7ab68 ("mm/page_pool: catch
page_pool memory leaks").
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: xen-netfront: agrega skb_mark_for_recycle faltante. Tenga en cuenta que skb_mark_for_recycle() se introduce más tarde que la etiqueta de corrección en el commit 6a5bcd84e886 ("page_pool: permitir que los controladores indiquen el reciclaje de SKB"). Se cree que a la etiqueta de correcciones le faltaba una llamada a page_pool_release_page() entre v5.9 y v5.14, después de lo cual debería haber usado skb_mark_for_recycle(). Desde v6.6, la llamada page_pool_release_page() se eliminó (en el commit 535b9c61bdef ("net: page_pool: hide page_pool_release_page()") y las personas que llaman restantes se convirtieron (en el commit 6bfef2ec0172 ("Merge Branch 'net-page_pool-remove-page_pool_release_page'") ). Esta fuga se hizo visible en la versión 6.8 mediante el commit dba1b8a7ab68 ("mm/page_pool: captura pérdidas de memoria en page_pool").
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-02-25 CVE Reserved
- 2024-05-09 CVE Published
- 2024-06-11 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (10)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2024-27393 | 2024-08-13 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2280745 | 2024-08-13 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.9 < 5.15.154 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.9 < 5.15.154" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.9 < 6.1.85 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.9 < 6.1.85" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.9 < 6.6.26 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.9 < 6.6.26" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.9 < 6.8.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.9 < 6.8.5" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.9 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.9 < 6.9" | en |
Affected
| ||||||