CVE-2024-47693

CVE Details

Release Date:

2024-10-21

Description

In the Linux kernel, the following vulnerability has been resolved:\nIB/core: Fix ib_cache_setup_one error flow cleanup\nWhen ib_cache_update return an error, we exit ib_cache_setup_one\ninstantly with no proper cleanup, even though before this we had\nalready successfully done gid_table_setup_one, that results in\nthe kernel WARN below.\nDo proper cleanup using gid_table_cleanup_one before returning\nthe err in order to fix the issue.\nWARNING: CPU: 4 PID: 922 at drivers/infiniband/core/cache.c:806 gid_table_release_one+0x181/0x1a0\nModules linked in:\nCPU: 4 UID: 0 PID: 922 Comm: c_repro Not tainted 6.11.0-rc1+ #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:gid_table_release_one+0x181/0x1a0\nCode: 44 8b 38 75 0c e8 2f cb 34 ff 4d 8b b5 28 05 00 00 e8 23 cb 34 ff 44 89 f9 89 da 4c 89 f6 48 c7 c7 d0 58 14 83 e8 4f de 21 ff <0f> 0b 4c 8b 75 30 e9 54 ff ff ff 48 8 3 c4 10 5b 5d 41 5c 41 5d 41\nRSP: 0018:ffffc90002b835b0 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff811c8527\nRDX: 0000000000000000 RSI: ffffffff811c8534 RDI: 0000000000000001\nRBP: ffff8881011b3d00 R08: ffff88810b3abe00 R09: 205d303839303631\nR10: 666572207972746e R11: 72746e6520444947 R12: 0000000000000001\nR13: ffff888106390000 R14: ffff8881011f2110 R15: 0000000000000001\nFS: 00007fecc3b70800(0000) GS:ffff88813bd00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020000340 CR3: 000000010435a001 CR4: 00000000003706b0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\n? show_regs+0x94/0xa0\n? __warn+0x9e/0x1c0\n? gid_table_release_one+0x181/0x1a0\n? report_bug+0x1f9/0x340\n? gid_table_release_one+0x181/0x1a0\n? handle_bug+0xa2/0x110\n? exc_invalid_op+0x31/0xa0\n? asm_exc_invalid_op+0x16/0x20\n? __warn_printk+0xc7/0x180\n? __warn_printk+0xd4/0x180\n? gid_table_release_one+0x181/0x1a0\nib_device_release+0x71/0xe0\n? __pfx_ib_device_release+0x10/0x10\ndevice_release+0x44/0xd0\nkobject_put+0x135/0x3d0\nput_device+0x20/0x30\nrxe_net_add+0x7d/0xa0\nrxe_newlink+0xd7/0x190\nnldev_newlink+0x1b0/0x2a0\n? __pfx_nldev_newlink+0x10/0x10\nrdma_nl_rcv_msg+0x1ad/0x2e0\nrdma_nl_rcv_skb.constprop.0+0x176/0x210\nnetlink_unicast+0x2de/0x400\nnetlink_sendmsg+0x306/0x660\n__sock_sendmsg+0x110/0x120\n____sys_sendmsg+0x30e/0x390\n___sys_sendmsg+0x9b/0xf0\n? kstrtouint+0x6e/0xa0\n? kstrtouint_from_user+0x7c/0xb0\n? get_pid_task+0xb0/0xd0\n? proc_fail_nth_write+0x5b/0x140\n? __fget_light+0x9a/0x200\n? preempt_count_add+0x47/0xa0\n__sys_sendmsg+0x61/0xd0\ndo_syscall_64+0x50/0x110\nentry_SYSCALL_64_after_hwframe+0x76/0x7e

See more information about CVE-2024-47693 from MITRE CVE dictionary and NIST NVD

NOTE: The following CVSS metrics and score provided are preliminary and subject to review.

CVSS v3 metrics

Base Score:	6.5
Vector String:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Version:	3.1
Attack Vector:	Network
Attack Complexity:	Low
Privileges Required:	Low
User Interaction:	None
Scope:	Unchanged
Confidentiality:	None
Integrity:	None
Availability:	High

Errata information

Platform	Errata	Release Date
Oracle Linux version 8 (kernel-uek)	ELSA-2024-12887	2024-12-18
Oracle Linux version 9 (kernel-uek)	ELSA-2024-12887	2024-12-18