CVE-2024-42247

Source
https://cve.org/CVERecord?id=CVE-2024-42247
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42247.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-42247
Downstream
Related
Published
2024-08-07T15:14:32.232Z
Modified
2026-06-18T03:57:33.514173803Z
Summary
wireguard: allowedips: avoid unaligned 64-bit memory accesses
Details

In the Linux kernel, the following vulnerability has been resolved:

wireguard: allowedips: avoid unaligned 64-bit memory accesses

On the parisc platform, the kernel issues kernel warnings because swap_endian() tries to load a 128-bit IPv6 address from an unaligned memory location:

Kernel: unaligned access to 0x55f4688c in wgallowedipsinsertv6+0x2c/0x80 [wireguard] (iir 0xf3010df) Kernel: unaligned access to 0x55f46884 in wgallowedipsinsertv6+0x38/0x80 [wireguard] (iir 0xf2010dc)

Avoid such unaligned memory accesses by instead using the getunalignedbe64() helper macro.

[Jason: replace src[8] in original patch with src+8]

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/42xxx/CVE-2024-42247.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e7096c131e5161fa3b8e52a650d7719d2857adfd
Fixed
ae630de24efb123d7199a43256396d7758f4cb75
Fixed
b4764f0ad3d68de8a0b847c05f427afb86dd54e6
Fixed
217978a29c6ceca76d3c640bf94bdf50c268d801
Fixed
6638a203abad35fa636d59ac47bdbc4bc100fd74
Fixed
2fb34bf76431e831f9863cd59adc0bd1f67b0fbf
Fixed
948f991c62a4018fb81d85804eeab3029c6209f8

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42247.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.6.0
Fixed
5.10.222
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.163
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.100
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.41
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.9.10

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42247.json"