CVE-2024-26881
See a problem?- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-26881
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26881.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-26881
- Related
- Published
- 2024-04-17T11:15:10Z
- Modified
- 2024-09-11T05:03:34.660755Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net: hns3: fix kernel crash when 1588 is received on HIP08 devices
The HIP08 devices does not register the ptp devices, so the hdev->ptp is NULL, but the hardware can receive 1588 messages, and set the HNS3RXDTSVLDB bit, so, if match this case, the access of hdev->ptp->flags will cause a kernel crash:
[ 5888.946472] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000018 [ 5888.946475] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000018 ... [ 5889.266118] pc : hclgeptpgetrxhwts+0x40/0x170 [hclge] [ 5889.272612] lr : hclgeptpgetrxhwts+0x34/0x170 [hclge] [ 5889.279101] sp : ffff800012c3bc50 [ 5889.283516] x29: ffff800012c3bc50 x28: ffff2040002be040 [ 5889.289927] x27: ffff800009116484 x26: 0000000080007500 [ 5889.296333] x25: 0000000000000000 x24: ffff204001c6f000 [ 5889.302738] x23: ffff204144f53c00 x22: 0000000000000000 [ 5889.309134] x21: 0000000000000000 x20: ffff204004220080 [ 5889.315520] x19: ffff204144f53c00 x18: 0000000000000000 [ 5889.321897] x17: 0000000000000000 x16: 0000000000000000 [ 5889.328263] x15: 0000004000140ec8 x14: 0000000000000000 [ 5889.334617] x13: 0000000000000000 x12: 00000000010011df [ 5889.340965] x11: bbfeff4d22000000 x10: 0000000000000000 [ 5889.347303] x9 : ffff800009402124 x8 : 0200f78811dfbb4d [ 5889.353637] x7 : 2200000000191b01 x6 : ffff208002a7d480 [ 5889.359959] x5 : 0000000000000000 x4 : 0000000000000000 [ 5889.366271] x3 : 0000000000000000 x2 : 0000000000000000 [ 5889.372567] x1 : 0000000000000000 x0 : ffff20400095c080 [ 5889.378857] Call trace: [ 5889.382285] hclgeptpgetrxhwts+0x40/0x170 [hclge] [ 5889.388304] hns3handlebdinfo+0x324/0x410 [hns3] [ 5889.394055] hns3handlerxbd+0x60/0x150 [hns3] [ 5889.399624] hns3cleanrxring+0x84/0x170 [hns3] [ 5889.405270] hns3niccommonpoll+0xa8/0x220 [hns3] [ 5889.411084] napipoll+0xcc/0x264 [ 5889.415329] netrxaction+0xd4/0x21c [ 5889.419911] _dosoftirq+0x130/0x358 [ 5889.424484] irqexit+0x134/0x154 [ 5889.428700] _handledomainirq+0x88/0xf0 [ 5889.433684] gichandleirq+0x78/0x2c0 [ 5889.438319] el1irq+0xb8/0x140 [ 5889.442354] archcpuidle+0x18/0x40 [ 5889.446816] defaultidlecall+0x5c/0x1c0 [ 5889.451714] cpuidleidlecall+0x174/0x1b0 [ 5889.456692] doidle+0xc8/0x160 [ 5889.460717] cpustartupentry+0x30/0xfc [ 5889.465523] secondarystartkernel+0x158/0x1ec [ 5889.470936] Code: 97ffab78 f9411c14 91408294 f9457284 (f9400c80) [ 5889.477950] SMP: stopping secondary CPUs [ 5890.514626] SMP: failed to stop secondary CPUs 0-69,71-95 [ 5890.522951] Starting crashdump kernel...
- References
-
- https://git.kernel.org/stable/c/0fbcf2366ba9888cf02eda23e35fde7f7fcc07c3
- https://git.kernel.org/stable/c/11b998360d96f6c76f04a95f54b49f24d3c858e4
- https://git.kernel.org/stable/c/23ec1cec24293f9799c725941677d4e167997265
- https://git.kernel.org/stable/c/b2bb19114c079dcfec1ea46e761f510e30505e70
- https://git.kernel.org/stable/c/b3cf70472a600bcb2efe24906bc9bc6014d4c6f6
- https://git.kernel.org/stable/c/f0b5225a7dfc1bf53c98215db8c2f0b4efd3f108
- https://security-tracker.debian.org/tracker/CVE-2024-26881
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.1.85-1
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.7.12-1