CVE-2024-50298: net: enetc: allocate vf_state during PF probes
First published: Tue Nov 19 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: net: enetc: allocate vf_state during PF probes In the previous implementation, vf_state is allocated memory only when VF is enabled. However, net_device_ops::ndo_set_vf_mac() may be called before VF is enabled to configure the MAC address of VF. If this is the case, enetc_pf_set_vf_mac() will access vf_state, resulting in access to a null pointer. The simplified error log is as follows. root@ls1028ardb:~# ip link set eno0 vf 1 mac 00:0c:e7:66:77:89 [ 173.543315] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004 [ 173.637254] pc : enetc_pf_set_vf_mac+0x3c/0x80 Message from sy [ 173.641973] lr : do_setlink+0x4a8/0xec8 [ 173.732292] Call trace: [ 173.734740] enetc_pf_set_vf_mac+0x3c/0x80 [ 173.738847] __rtnl_newlink+0x530/0x89c [ 173.742692] rtnl_newlink+0x50/0x7c [ 173.746189] rtnetlink_rcv_msg+0x128/0x390 [ 173.750298] netlink_rcv_skb+0x60/0x130 [ 173.754145] rtnetlink_rcv+0x18/0x24 [ 173.757731] netlink_unicast+0x318/0x380 [ 173.761665] netlink_sendmsg+0x17c/0x3c8
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | >=5.1<6.6.61 | |
| Linux Kernel | >=6.7<6.11.8 | |
| Linux Kernel | =6.12-rc1 | |
| Linux Kernel | =6.12-rc2 | |
| Linux Kernel | =6.12-rc3 | |
| Linux Kernel | =6.12-rc4 | |
| Linux Kernel | =6.12-rc5 | |
| Linux Kernel | =6.12-rc6 | |
| debian/linux | <=5.10.223-1<=5.10.226-1<=6.1.123-1<=6.1.128-1 | 6.12.12-1 6.12.15-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/ef0edfbe9eeed1fccad7cb705648af5222664944
- https://git.kernel.org/stable/c/7eb923f8d4819737c07d6a8d0daef0a4d7f99e0c
- https://git.kernel.org/stable/c/e15c5506dd39885cd047f811a64240e2e8ab401b
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50298
- https://nvd.nist.gov/vuln/detail/CVE-2024-50298
- https://launchpad.net/bugs/cve/CVE-2024-50298
- https://security-tracker.debian.org/tracker/CVE-2024-50298
- https://ubuntu.com/security/CVE-2024-50298
- https://git.kernel.org/linus/e15c5506dd39885cd047f811a64240e2e8ab401b
Frequently Asked Questions
What is the severity of CVE-2024-50298?
CVE-2024-50298 has a moderate severity as it may lead to unexpected behavior during packet processing.
How do I fix CVE-2024-50298?
To address CVE-2024-50298, update your Linux kernel to the latest version which includes the fix.
What versions of the Linux kernel are affected by CVE-2024-50298?
CVE-2024-50298 affects Linux kernel versions between 5.1 and 6.6.61, as well as certain pre-release versions of 6.12.
What type of vulnerability is CVE-2024-50298?
CVE-2024-50298 is a memory allocation vulnerability in the net_device_ops of the Linux kernel.
Can CVE-2024-50298 be exploited remotely?
CVE-2024-50298 may be exploitable under specific conditions, potentially allowing attackers to manipulate virtual functions.
- agent/title
- agent/type
- agent/first-publish-date
- agent/author
- agent/severity
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/usn-cve
- source/Ubuntu
- collector/launchpad-cve
- source/Launchpad
- collector/security-tracker-debian
- source/Debian
- agent/references
- agent/source
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- vendor/linux
- canonical/linux kernel
- version/linux kernel/5.1
- version/linux kernel/6.7
- version/linux kernel/6.12-rc1
- version/linux kernel/6.12-rc2
- version/linux kernel/6.12-rc3
- version/linux kernel/6.12-rc4
- version/linux kernel/6.12-rc5
- version/linux kernel/6.12-rc6
- package-manager/debian