发布时间: 2024年8月30日
修改时间: 2024年8月30日
In the Linux kernel, the following vulnerability has been resolved:bpf: Avoid splat in pskb_pull_reasonsyzkaller builds (CONFIG_DEBUG_NET=y) frequently trigger a debughint in pskb_may_pull.We d like to retain this debug check because it might hint at integeroverflows and other issues (kernel code should pull headers, not hugevalue).In bpf case, this splat isn t interesting at all: such (nonsensical)bpf programs are typically generated by a fuzzer anyway.Do what Eric suggested and suppress such warning.For CONFIG_DEBUG_NET=n we don t need the extra check becausepskb_may_pull will do the right thing: return an error without theWARN() backtrace.
| NVD | openEuler | |
|---|---|---|
| Confidentiality | High | Low |
| Attack Vector | Local | Local |
| CVSS评分 | 7.8 | 3.9 |
| Attack Complexity | Low | High |
| Privileges Required | Low | High |
| Scope | Unchanged | Unchanged |
| Integrity | High | Low |
| User Interaction | None | None |
| Availability | High | Low |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2024-3338 | In the Linux kernel, the following vulnerability has been resolved:bpf: Avoid splat in pskb_pull_reasonsyzkaller builds (CONFIG_DEBUG_NET=y) frequently trigger a debughint in pskb_may_pull.We d like to retain this debug check because it might hint at integeroverflows and other issues (kernel code should pull headers, not hugevalue).In bpf case, this splat isn t interesting at all: such (nonsensical)bpf programs are typically generated by a fuzzer anyway.Do what Eric suggested and suppress such warning.For CONFIG_DEBUG_NET=n we don t need the extra check becausepskb_may_pull will do the right thing: return an error without theWARN() backtrace. | 2024年8月21日 |
| 产品 | 包 | 状态 |
|---|---|---|
| V6 | kernel | Fixed |
