CVE-2024-42114

ULN >
Oracle Linux CVE repository >
CVE-2024-42114

CVE Details

Release Date:

2024-07-30

Description

In the Linux kernel, the following vulnerability has been resolved:\nwifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values\nsyzbot is able to trigger softlockups, setting NL80211_ATTR_TXQ_QUANTUM\nto 2^31.\nWe had a similar issue in sch_fq, fixed with commit\nd9e15a273306 ('pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM')\nwatchdog: BUG: soft lockup - CPU#1 stuck for 26s! [kworker/1:0:24]\nModules linked in:\nirq event stamp: 131135\nhardirqs last enabled at (131134): [] __exit_to_kernel_mode arch/arm64/kernel/entry-common.c:85 [inline]\nhardirqs last enabled at (131134): [] exit_to_kernel_mode+0xdc/0x10c arch/arm64/kernel/entry-common.c:95\nhardirqs last disabled at (131135): [] __el1_irq arch/arm64/kernel/entry-common.c:533 [inline]\nhardirqs last disabled at (131135): [] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:551\nsoftirqs last enabled at (125892): [] neigh_hh_init net/core/neighbour.c:1538 [inline]\nsoftirqs last enabled at (125892): [] neigh_resolve_output+0x268/0x658 net/core/neighbour.c:1553\nsoftirqs last disabled at (125896): [] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19\nCPU: 1 PID: 24 Comm: kworker/1:0 Not tainted 6.9.0-rc7-syzkaller-gfda5695d692c #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nWorkqueue: mld mld_ifc_work\npstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __list_del include/linux/list.h:195 [inline]\npc : __list_del_entry include/linux/list.h:218 [inline]\npc : list_move_tail include/linux/list.h:310 [inline]\npc : fq_tin_dequeue include/net/fq_impl.h:112 [inline]\npc : ieee80211_tx_dequeue+0x6b8/0x3b4c net/mac80211/tx.c:3854\nlr : __list_del_entry include/linux/list.h:218 [inline]\nlr : list_move_tail include/linux/list.h:310 [inline]\nlr : fq_tin_dequeue include/net/fq_impl.h:112 [inline]\nlr : ieee80211_tx_dequeue+0x67c/0x3b4c net/mac80211/tx.c:3854\nsp : ffff800093d36700\nx29: ffff800093d36a60 x28: ffff800093d36960 x27: dfff800000000000\nx26: ffff0000d800ad50 x25: ffff0000d800abe0 x24: ffff0000d800abf0\nx23: ffff0000e0032468 x22: ffff0000e00324d4 x21: ffff0000d800abf0\nx20: ffff0000d800abf8 x19: ffff0000d800abf0 x18: ffff800093d363c0\nx17: 000000000000d476 x16: ffff8000805519dc x15: ffff7000127a6cc8\nx14: 1ffff000127a6cc8 x13: 0000000000000004 x12: ffffffffffffffff\nx11: ffff7000127a6cc8 x10: 0000000000ff0100 x9 : 0000000000000000\nx8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\nx5 : ffff80009287aa08 x4 : 0000000000000008 x3 : ffff80008034c7fc\nx2 : ffff0000e0032468 x1 : 00000000da0e46b8 x0 : ffff0000e0032470\nCall trace:\n__list_del include/linux/list.h:195 [inline]\n__list_del_entry include/linux/list.h:218 [inline]\nlist_move_tail include/linux/list.h:310 [inline]\nfq_tin_dequeue include/net/fq_impl.h:112 [inline]\nieee80211_tx_dequeue+0x6b8/0x3b4c net/mac80211/tx.c:3854\nwake_tx_push_queue net/mac80211/util.c:294 [inline]\nieee80211_handle_wake_tx_queue+0x118/0x274 net/mac80211/util.c:315\ndrv_wake_tx_queue net/mac80211/driver-ops.h:1350 [inline]\nschedule_and_wake_txq net/mac80211/driver-ops.h:1357 [inline]\nieee80211_queue_skb+0x18e8/0x2244 net/mac80211/tx.c:1664\nieee80211_tx+0x260/0x400 net/mac80211/tx.c:1966\nieee80211_xmit+0x278/0x354 net/mac80211/tx.c:2062\n__ieee80211_subif_start_xmit+0xab8/0x122c net/mac80211/tx.c:4338\nieee80211_subif_start_xmit+0xe0/0x438 net/mac80211/tx.c:4532\n__netdev_start_xmit include/linux/netdevice.h:4903 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4917 [inline]\nxmit_one net/core/dev.c:3531 [inline]\ndev_hard_start_xmit+0x27c/0x938 net/core/dev.c:3547\n__dev_queue_xmit+0x1678/0x33fc net/core/dev.c:4341\ndev_queue_xmit include/linux/netdevice.h:3091 [inline]\nneigh_resolve_output+0x558/0x658 net/core/neighbour.c:1563\nneigh_output include/net/neighbour.h:542 [inline]\nip6_fini\n---truncated---

See more information about CVE-2024-42114 from MITRE CVE dictionary and NIST NVD

CVSS Scoring

NOTE: The following CVSS v3.1 metrics and score provided are preliminary and subject to review.

Base Score:	4.4	CVSS Vector:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Attack Vector:	Local network	Attack Complexity:	Low
Privileges Required:	High	User Interaction:	None
Scope:	Unchanged	Confidentiality Impact:	None
Integrity Impact:	None	Availability Impact:	High

Errata information

Platform	Errata	Release Date
Oracle Linux version 8 (kernel)	ELSA-2024-7000	2024-09-24
Oracle Linux version 8 (kernel-uek)	ELSA-2024-12815	2024-11-11
Oracle Linux version 9 (kernel)	ELSA-2024-9315	2024-11-14
Oracle Linux version 9 (kernel-uek)	ELSA-2024-12815	2024-11-11

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

Oracle customers - enter a support request
Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691