high
7.8
CWE
125
Advisory Published
CVE Published
Updated

CVE-2024-39277: dma-mapping: benchmark: handle NUMA_NO_NODE correctly

First published: Fri Jun 21 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: dma-mapping: benchmark: handle NUMA_NO_NODE correctly cpumask_of_node() can be called for NUMA_NO_NODE inside do_map_benchmark() resulting in the following sanitizer report: UBSAN: array-index-out-of-bounds in ./arch/x86/include/asm/topology.h:72:28 index -1 is out of range for type 'cpumask [64][1]' CPU: 1 PID: 990 Comm: dma_map_benchma Not tainted 6.9.0-rc6 #29 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) Call Trace: <TASK> dump_stack_lvl (lib/dump_stack.c:117) ubsan_epilogue (lib/ubsan.c:232) __ubsan_handle_out_of_bounds (lib/ubsan.c:429) cpumask_of_node (arch/x86/include/asm/topology.h:72) [inline] do_map_benchmark (kernel/dma/map_benchmark.c:104) map_benchmark_ioctl (kernel/dma/map_benchmark.c:246) full_proxy_unlocked_ioctl (fs/debugfs/file.c:333) __x64_sys_ioctl (fs/ioctl.c:890) do_syscall_64 (arch/x86/entry/common.c:83) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) Use cpumask_of_node() in place when binding a kernel thread to a cpuset of a particular node. Note that the provided node id is checked inside map_benchmark_ioctl(). It's just a NUMA_NO_NODE case which is not handled properly later. Found by Linux Verification Center (linuxtesting.org).

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Linux Kernel<5.11
Linux Kernel>=5.15<5.15.161
Linux Kernel>=6.1<6.1.93
Linux Kernel>=6.6<6.6.33
Linux Kernel>=6.9<6.9.4
Linux Kernel=6.10.0-rc1
debian/linux
5.10.223-1
5.10.226-1
6.1.123-1
6.1.128-1
6.12.12-1
6.12.16-1

Remedy

https://git.kernel.org/stable/c/50ee21bfc005e69f183d6b4b454e33f0c2571e1f

Remedy

https://git.kernel.org/stable/c/5a91116b003175302f2e6ad94b76fb9b5a141a41

Remedy

https://git.kernel.org/stable/c/8e1ba9df9a35e8dc64f657a64e523c79ba01e464

Remedy

https://git.kernel.org/stable/c/b41b0018e8ca06e985e87220a618ec633988fd13

Remedy

https://git.kernel.org/stable/c/e64746e74f717961250a155e14c156616fcd981f

Remedy

https://git.kernel.org/linus/65789daa8087e125927230ccb7e1eab13999b0cf

Remedy

https://git.kernel.org/linus/e64746e74f717961250a155e14c156616fcd981f

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-39277?

    CVE-2024-39277 has been classified as a medium severity vulnerability due to potential impacts on system stability.

  • Which versions of the Linux kernel are affected by CVE-2024-39277?

    CVE-2024-39277 affects Linux kernel versions below 5.11, between 5.15 and 5.15.161, between 6.1 and 6.1.93, between 6.6 and 6.6.33, and between 6.9 and 6.9.4.

  • How do I fix CVE-2024-39277?

    To mitigate CVE-2024-39277, upgrade to a patched version of the Linux kernel, specifically 5.10.223-1, 5.10.226-1, 6.1.123-1, 6.1.119-1, 6.12.10-1, or 6.12.11-1.

  • What is the impact of exploiting CVE-2024-39277?

    Exploitation of CVE-2024-39277 could lead to undefined behavior, including array index out-of-bounds errors, affecting system stability.

  • Is there a workaround for CVE-2024-39277?

    There are no official workarounds for CVE-2024-39277, so upgrading to a secure kernel version is recommended.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203