CVE-2024-47708
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-47708
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-47708.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-47708
- Downstream
- Related
- Published
- 2024-10-21T11:53:42Z
- Modified
- 2025-10-17T12:59:12.242600Z
- Summary
- netkit: Assign missing bpf_net_context
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
netkit: Assign missing bpfnetcontext
During the introduction of struct bpfnetcontext handling for XDP-redirect, the netkit driver has been missed, which also requires it because NETKITREDIRECT invokes skbdo_redirect() which is accessing the per-CPU variables. Otherwise we see the following crash:
BUG: kernel NULL pointer dereference, address: 0000000000000038 bpf_redirect() netkit_xmit() dev_hard_start_xmit()Set the bpfnetcontext before invoking netkit_xmit() program within the netkit driver.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced401cb7dae8130fd34eb84648e02ab4c506df7d5eFixed182c6fed8c7f62cddce0126ec1fc0da2b700fb11
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced401cb7dae8130fd34eb84648e02ab4c506df7d5eFixed157f29152b61ca41809dd7ead29f5733adeced19
Affected versions
v6.*
v6.10
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
Database specific
vanir_signatures
[
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@182c6fed8c7f62cddce0126ec1fc0da2b700fb11",
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"56919521093517901752479213467145805401",
"165434621907251517112188824784814028409",
"286646432418516064926887696635228688914",
"197529027365532013014062965235038014359",
"170055482583318612221080567923544414453",
"245136334367792109491226536329700806971",
"274616583402538407275927937427058644918",
"44084772285799104644511555356094706029",
"65072798004808453125193458744227115291",
"317912439375328281691630226641361366349",
"252740002487369498979726642375873890319"
]
},
"id": "CVE-2024-47708-250b05bd",
"signature_type": "Line",
"target": {
"file": "drivers/net/netkit.c"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@157f29152b61ca41809dd7ead29f5733adeced19",
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "14444446473640318190715356912674714833",
"length": 1139.0
},
"id": "CVE-2024-47708-486c8066",
"signature_type": "Function",
"target": {
"function": "netkit_xmit",
"file": "drivers/net/netkit.c"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@182c6fed8c7f62cddce0126ec1fc0da2b700fb11",
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "14444446473640318190715356912674714833",
"length": 1139.0
},
"id": "CVE-2024-47708-96545689",
"signature_type": "Function",
"target": {
"function": "netkit_xmit",
"file": "drivers/net/netkit.c"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@157f29152b61ca41809dd7ead29f5733adeced19",
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"56919521093517901752479213467145805401",
"165434621907251517112188824784814028409",
"286646432418516064926887696635228688914",
"197529027365532013014062965235038014359",
"170055482583318612221080567923544414453",
"245136334367792109491226536329700806971",
"274616583402538407275927937427058644918",
"44084772285799104644511555356094706029",
"65072798004808453125193458744227115291",
"317912439375328281691630226641361366349",
"252740002487369498979726642375873890319"
]
},
"id": "CVE-2024-47708-e0d40b5a",
"signature_type": "Line",
"target": {
"file": "drivers/net/netkit.c"
}
}
]