CVE-2024-36975
KEYS: trusted: Do not use WARN when encode fails
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
KEYS: trusted: Do not use WARN when encode fails
When asn1_encode_sequence() fails, WARN is not the correct solution.
1. asn1_encode_sequence() is not an internal function (located
in lib/asn1_encode.c).
2. Location is known, which makes the stack trace useless.
3. Results a crash if panic_on_warn is set.
It is also noteworthy that the use of WARN is undocumented, and it
should be avoided unless there is a carefully considered rationale to
use it.
Replace WARN with pr_err, and print the return value instead, which is
only useful piece of information.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: LLAVES: confiable: no usar WARN cuando falla la codificación Cuando falla asn1_encode_sequence(), WARN no es la solución correcta. 1. asn1_encode_sequence() no es una función interna (ubicada en lib/asn1_encode.c). 2. Se conoce la ubicación, lo que hace que el seguimiento de la pila sea inútil. 3. Se produce un bloqueo si se configura pánico_on_warn. También es digno de mención que el uso de WARN no está documentado y debe evitarse a menos que exista una justificación cuidadosamente considerada para su uso. Reemplace WARN con pr_err e imprima el valor de retorno, que es solo información útil.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-05-30 CVE Reserved
- 2024-06-18 CVE Published
- 2024-06-19 EPSS Updated
- 2024-09-11 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/f2219745250f388edacabe6cca73654131c67d0a | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.13 < 5.15.160 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.13 < 5.15.160" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.13 < 6.1.92 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.13 < 6.1.92" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.13 < 6.6.32 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.13 < 6.6.32" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.13 < 6.8.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.13 < 6.8.11" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.13 < 6.9.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.13 < 6.9.2" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.13 < 6.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.13 < 6.10" | en |
Affected
| ||||||