CVE-2024-40996

bpf: Avoid splat in pskb_pull_reason

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

bpf: Avoid splat in pskb_pull_reason

syzkaller builds (CONFIG_DEBUG_NET=y) frequently trigger a debug
hint in pskb_may_pull.

We'd like to retain this debug check because it might hint at integer
overflows and other issues (kernel code should pull headers, not huge
value).

In bpf case, this splat isn't interesting at all: such (nonsensical)
bpf programs are typically generated by a fuzzer anyway.

Do what Eric suggested and suppress such warning.

For CONFIG_DEBUG_NET=n we don't need the extra check because
pskb_may_pull will do the right thing: return an error without the
WARN() backtrace.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-07-12 CVE Reserved
2024-07-12 CVE Published
2024-08-22 EPSS Updated
2024-09-11 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/8af60bb2b215f478b886f1d6d302fefa7f0b917d	Vuln. Introduced
https://git.kernel.org/stable/c/1b2b26595bb09febf14c5444c873ac4ec90a5a77	Vuln. Introduced
https://git.kernel.org/stable/c/219eee9c0d16f1b754a8b85275854ab17df0850a	Vuln. Introduced
https://git.kernel.org/stable/c/fff05b2b004d9a8a2416d08647f3dc9068e357c8	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/dacc15e9cb248d19e5fc63c54bef0b9b55007761	2024-06-27
https://git.kernel.org/stable/c/7f9644782c559635bd676c12c59389a34ed7c866	2024-06-27
https://git.kernel.org/stable/c/5e90258303a358e88737afb5048bee9113beea3a	2024-06-27
https://git.kernel.org/stable/c/2bbe3e5a2f4ef69d13be54f1cf895b4658287080	2024-06-14

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1.86 < 6.1.96 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1.86 < 6.1.96"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6.27 < 6.6.36 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6.27 < 6.6.36"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.9 < 6.9.7 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.9 < 6.9.7"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.9 < 6.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.9 < 6.10"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				6.8.6 Search vendor "Linux" for product "Linux Kernel" and version "6.8.6"		en		Affected