In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix a segment issue when downgrading gso_size
Linearize the skb when downgrading gsosize because it may trigger a BUGON() later when the skb is segmented as described in [1,2].
[
{
"digest": {
"function_hash": "122839178185974902001741168630381244276",
"length": 2338.0
},
"id": "CVE-2024-42281-13aa3a44",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a689f5eb13a90f892a088865478b3cd39f53d5dc",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "bpf_skb_net_grow",
"file": "net/core/filter.c"
},
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"113594049638605531524796213298320077064",
"277279741887589561735401618414929545567",
"134201766881303434096694532627727456655",
"111208205009389546122993246750836347382",
"204373214226640631681346837051712180353",
"121080716745117327585629185851666443806",
"26783382068066690271015405476939012944"
],
"threshold": 0.9
},
"id": "CVE-2024-42281-2503676c",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a689f5eb13a90f892a088865478b3cd39f53d5dc",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/core/filter.c"
},
"signature_type": "Line"
},
{
"digest": {
"function_hash": "287946671080291365842576616968146514922",
"length": 2511.0
},
"id": "CVE-2024-42281-3f38fbc0",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f6bb8c90cab97a3e03f8d30e3069efe6a742e0be",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "bpf_skb_net_grow",
"file": "net/core/filter.c"
},
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"113594049638605531524796213298320077064",
"277279741887589561735401618414929545567",
"134201766881303434096694532627727456655",
"111208205009389546122993246750836347382",
"204373214226640631681346837051712180353",
"121080716745117327585629185851666443806",
"26783382068066690271015405476939012944"
],
"threshold": 0.9
},
"id": "CVE-2024-42281-4db86a99",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f6bb8c90cab97a3e03f8d30e3069efe6a742e0be",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/core/filter.c"
},
"signature_type": "Line"
},
{
"digest": {
"line_hashes": [
"113594049638605531524796213298320077064",
"277279741887589561735401618414929545567",
"134201766881303434096694532627727456655",
"111208205009389546122993246750836347382",
"204373214226640631681346837051712180353",
"121080716745117327585629185851666443806",
"26783382068066690271015405476939012944"
],
"threshold": 0.9
},
"id": "CVE-2024-42281-57239fdc",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c3496314c53e7e82ddb544c825defc3e8c0e45cf",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/core/filter.c"
},
"signature_type": "Line"
},
{
"digest": {
"line_hashes": [
"113594049638605531524796213298320077064",
"277279741887589561735401618414929545567",
"134201766881303434096694532627727456655",
"111208205009389546122993246750836347382",
"204373214226640631681346837051712180353",
"121080716745117327585629185851666443806",
"26783382068066690271015405476939012944"
],
"threshold": 0.9
},
"id": "CVE-2024-42281-651fa742",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ec4eea14d75f7b0491194dd413f540dd19b8c733",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/core/filter.c"
},
"signature_type": "Line"
},
{
"digest": {
"function_hash": "287946671080291365842576616968146514922",
"length": 2511.0
},
"id": "CVE-2024-42281-73616e02",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c3496314c53e7e82ddb544c825defc3e8c0e45cf",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "bpf_skb_net_grow",
"file": "net/core/filter.c"
},
"signature_type": "Function"
},
{
"digest": {
"function_hash": "287946671080291365842576616968146514922",
"length": 2511.0
},
"id": "CVE-2024-42281-8c91bed1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@11ec79f5c7f74261874744039bc1551023edd6b2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "bpf_skb_net_grow",
"file": "net/core/filter.c"
},
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"113594049638605531524796213298320077064",
"277279741887589561735401618414929545567",
"134201766881303434096694532627727456655",
"111208205009389546122993246750836347382",
"204373214226640631681346837051712180353",
"121080716745117327585629185851666443806",
"26783382068066690271015405476939012944"
],
"threshold": 0.9
},
"id": "CVE-2024-42281-9875390a",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fa5ef655615a01533035c6139248c5b33aa27028",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/core/filter.c"
},
"signature_type": "Line"
},
{
"digest": {
"line_hashes": [
"113594049638605531524796213298320077064",
"277279741887589561735401618414929545567",
"134201766881303434096694532627727456655",
"111208205009389546122993246750836347382",
"204373214226640631681346837051712180353",
"121080716745117327585629185851666443806",
"26783382068066690271015405476939012944"
],
"threshold": 0.9
},
"id": "CVE-2024-42281-a30b6c26",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dda518dea60d556a2d171c0122ca7d9fdb7d473a",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/core/filter.c"
},
"signature_type": "Line"
},
{
"digest": {
"function_hash": "122839178185974902001741168630381244276",
"length": 2338.0
},
"id": "CVE-2024-42281-bd99be30",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dda518dea60d556a2d171c0122ca7d9fdb7d473a",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "bpf_skb_net_grow",
"file": "net/core/filter.c"
},
"signature_type": "Function"
},
{
"digest": {
"function_hash": "287946671080291365842576616968146514922",
"length": 2511.0
},
"id": "CVE-2024-42281-c3019e9f",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ec4eea14d75f7b0491194dd413f540dd19b8c733",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "bpf_skb_net_grow",
"file": "net/core/filter.c"
},
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"113594049638605531524796213298320077064",
"277279741887589561735401618414929545567",
"134201766881303434096694532627727456655",
"111208205009389546122993246750836347382",
"204373214226640631681346837051712180353",
"121080716745117327585629185851666443806",
"26783382068066690271015405476939012944"
],
"threshold": 0.9
},
"id": "CVE-2024-42281-ca2ee074",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@11ec79f5c7f74261874744039bc1551023edd6b2",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/core/filter.c"
},
"signature_type": "Line"
},
{
"digest": {
"function_hash": "287946671080291365842576616968146514922",
"length": 2511.0
},
"id": "CVE-2024-42281-e267bc4c",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fa5ef655615a01533035c6139248c5b33aa27028",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "bpf_skb_net_grow",
"file": "net/core/filter.c"
},
"signature_type": "Function"
}
]