CVE-2024-39277
- Source
- https://cve.org/CVERecord?id=CVE-2024-39277
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-39277.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-39277
- Downstream
- Related
- Published
- 2024-06-21T11:15:13.559Z
- Modified
- 2026-03-20T12:37:12.720516Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- dma-mapping: benchmark: handle NUMA_NO_NODE correctly
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
dma-mapping: benchmark: handle NUMANONODE correctly
cpumaskofnode() can be called for NUMANONODE inside domapbenchmark() resulting in the following sanitizer report:
UBSAN: array-index-out-of-bounds in ./arch/x86/include/asm/topology.h:72:28 index -1 is out of range for type 'cpumask [64][1]' CPU: 1 PID: 990 Comm: dmamapbenchma Not tainted 6.9.0-rc6 #29 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) Call Trace: <TASK> dumpstacklvl (lib/dumpstack.c:117) ubsanepilogue (lib/ubsan.c:232) __ubsanhandleout_ofbounds (lib/ubsan.c:429) cpumaskofnode (arch/x86/include/asm/topology.h:72) [inline] domapbenchmark (kernel/dma/mapbenchmark.c:104) mapbenchmarkioctl (kernel/dma/mapbenchmark.c:246) fullproxyunlockedioctl (fs/debugfs/file.c:333) _x64sysioctl (fs/ioctl.c:890) dosyscall64 (arch/x86/entry/common.c:83) entrySYSCALL64afterhwframe (arch/x86/entry/entry64.S:130)
Use cpumaskofnode() in place when binding a kernel thread to a cpuset of a particular node.
Note that the provided node id is checked inside mapbenchmarkioctl(). It's just a NUMANONODE case which is not handled properly later.
Found by Linux Verification Center (linuxtesting.org).
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/39xxx/CVE-2024-39277.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/50ee21bfc005e69f183d6b4b454e33f0c2571e1f
- https://git.kernel.org/stable/c/5a91116b003175302f2e6ad94b76fb9b5a141a41
- https://git.kernel.org/stable/c/8e1ba9df9a35e8dc64f657a64e523c79ba01e464
- https://git.kernel.org/stable/c/b41b0018e8ca06e985e87220a618ec633988fd13
- https://git.kernel.org/stable/c/e64746e74f717961250a155e14c156616fcd981f
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/39xxx/CVE-2024-39277.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-39277
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced65789daa8087e125927230ccb7e1eab13999b0cfFixedb41b0018e8ca06e985e87220a618ec633988fd13Fixed8e1ba9df9a35e8dc64f657a64e523c79ba01e464Fixed5a91116b003175302f2e6ad94b76fb9b5a141a41Fixed50ee21bfc005e69f183d6b4b454e33f0c2571e1fFixede64746e74f717961250a155e14c156616fcd981f