We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-50298

net: enetc: allocate vf_state during PF probes



Description

In the Linux kernel, the following vulnerability has been resolved: net: enetc: allocate vf_state during PF probes In the previous implementation, vf_state is allocated memory only when VF is enabled. However, net_device_ops::ndo_set_vf_mac() may be called before VF is enabled to configure the MAC address of VF. If this is the case, enetc_pf_set_vf_mac() will access vf_state, resulting in access to a null pointer. The simplified error log is as follows. root@ls1028ardb:~# ip link set eno0 vf 1 mac 00:0c:e7:66:77:89 [ 173.543315] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004 [ 173.637254] pc : enetc_pf_set_vf_mac+0x3c/0x80 Message from sy [ 173.641973] lr : do_setlink+0x4a8/0xec8 [ 173.732292] Call trace: [ 173.734740] enetc_pf_set_vf_mac+0x3c/0x80 [ 173.738847] __rtnl_newlink+0x530/0x89c [ 173.742692] rtnl_newlink+0x50/0x7c [ 173.746189] rtnetlink_rcv_msg+0x128/0x390 [ 173.750298] netlink_rcv_skb+0x60/0x130 [ 173.754145] rtnetlink_rcv+0x18/0x24 [ 173.757731] netlink_unicast+0x318/0x380 [ 173.761665] netlink_sendmsg+0x17c/0x3c8

Reserved 2024-10-21 | Published 2024-11-19 | Updated 2024-12-19 | Assigner Linux

Product status

Default status
unaffected

d4fd0404c1c95b17880f254ebfee3485693fa8ba before ef0edfbe9eeed1fccad7cb705648af5222664944
affected

d4fd0404c1c95b17880f254ebfee3485693fa8ba before 7eb923f8d4819737c07d6a8d0daef0a4d7f99e0c
affected

d4fd0404c1c95b17880f254ebfee3485693fa8ba before e15c5506dd39885cd047f811a64240e2e8ab401b
affected

Default status
affected

5.1
affected

Any version before 5.1
unaffected

6.6.61
unaffected

6.11.8
unaffected

6.12
unaffected

References

git.kernel.org/...c/ef0edfbe9eeed1fccad7cb705648af5222664944

git.kernel.org/...c/7eb923f8d4819737c07d6a8d0daef0a4d7f99e0c

git.kernel.org/...c/e15c5506dd39885cd047f811a64240e2e8ab401b

cve.org (CVE-2024-50298)

nvd.nist.gov (CVE-2024-50298)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-50298

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.