CVE-2024-35889

idpf: fix kernel panic on unknown packet types

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: idpf: fix kernel panic on unknown packet types In the very rare case where a packet type is unknown to the driver,
idpf_rx_process_skb_fields would return early without calling
eth_type_trans to set the skb protocol / the network layer handler.
This is especially problematic if tcpdump is running when such a
packet is received, i.e. it would cause a kernel panic. Instead, call eth_type_trans for every single packet, even when
the packet type is unknown.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: idpf: corrige el pánico del kernel en tipos de paquetes desconocidos. En el caso muy raro de que el controlador desconozca un tipo de paquete, idpf_rx_process_skb_fields regresaría antes de tiempo sin llamar a eth_type_trans para configurar el protocolo skb/el manejador de capa de red. Esto es especialmente problemático si tcpdump se está ejecutando cuando se recibe dicho paquete, es decir, causaría un pánico en el kernel. En su lugar, llame a eth_type_trans para cada paquete, incluso cuando se desconozca el tipo de paquete.

In the Linux kernel, the following vulnerability has been resolved: idpf: fix kernel panic on unknown packet types In the very rare case where a packet type is unknown to the driver, idpf_rx_process_skb_fields would return early without calling eth_type_trans to set the skb protocol / the network layer handler. This is especially problematic if tcpdump is running when such a packet is received, i.e. it would cause a kernel panic. Instead, call eth_type_trans for every single packet, even when the packet type is unknown.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-17 CVE Reserved
2024-05-19 CVE Published
2024-05-20 EPSS Updated
2024-12-19 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (3)

URL	Tag	Source
https://git.kernel.org/stable/c/3a8845af66edb340ba9210bb8a0da040c7d6e590	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/b4d28f7fa4dd531cf503a4fe1ca7008960cc5832	2024-04-10
https://git.kernel.org/stable/c/dd19e827d63ac60debf117676d1126bff884bdb8	2024-04-03

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.7 < 6.8.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.8.5"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.7 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.9"		en		Affected