We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-53088

i40e: fix race condition by adding filter's intermediate sync state



Description

In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under heavy load when multiple threads are concurrently modifying MAC/VLAN filters by setting mac and port VLAN. 1. Thread T0 allocates a filter in i40e_add_filter() within i40e_ndo_set_vf_port_vlan(). 2. Thread T1 concurrently frees the filter in __i40e_del_filter() within i40e_ndo_set_vf_mac(). 3. Subsequently, i40e_service_task() calls i40e_sync_vsi_filters(), which refers to the already freed filter memory, causing corruption. Reproduction steps: 1. Spawn multiple VFs. 2. Apply a concurrent heavy load by running parallel operations to change MAC addresses on the VFs and change port VLANs on the host. 3. Observe errors in dmesg: "Error I40E_AQ_RC_ENOSPC adding RX filters on VF XX, please set promiscuous on manually for VF XX". Exact code for stable reproduction Intel can't open-source now. The fix involves implementing a new intermediate filter state, I40E_FILTER_NEW_SYNC, for the time when a filter is on a tmp_add_list. These filters cannot be deleted from the hash list directly but must be removed using the full process.

Reserved 2024-11-19 | Published 2024-11-19 | Updated 2024-12-19 | Assigner Linux

Product status

Default status
unaffected

278e7d0b9d6864a9749b9473a273892aa1528621 before 262dc6ea5f1eb18c4d08ad83d51222d0dd0dd42a
affected

278e7d0b9d6864a9749b9473a273892aa1528621 before 7ad3fb3bfd43feb4e15c81dffd23ac4e55742791
affected

278e7d0b9d6864a9749b9473a273892aa1528621 before bf5f837d9fd27d32fb76df0a108babcaf4446ff1
affected

278e7d0b9d6864a9749b9473a273892aa1528621 before 6e046f4937474bc1b9fa980c1ad8f3253fc638f6
affected

278e7d0b9d6864a9749b9473a273892aa1528621 before f30490e9695ef7da3d0899c6a0293cc7cd373567
affected

Default status
affected

4.10
affected

Any version before 4.10
unaffected

5.15.172
unaffected

6.1.117
unaffected

6.6.61
unaffected

6.11.8
unaffected

6.12
unaffected

References

git.kernel.org/...c/262dc6ea5f1eb18c4d08ad83d51222d0dd0dd42a

git.kernel.org/...c/7ad3fb3bfd43feb4e15c81dffd23ac4e55742791

git.kernel.org/...c/bf5f837d9fd27d32fb76df0a108babcaf4446ff1

git.kernel.org/...c/6e046f4937474bc1b9fa980c1ad8f3253fc638f6

git.kernel.org/...c/f30490e9695ef7da3d0899c6a0293cc7cd373567

cve.org (CVE-2024-53088)

nvd.nist.gov (CVE-2024-53088)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-53088

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.