CVE-2024-36883

Updated: 2024-08-13 01:40:53.188863

Description:

In the Linux kernel, the following vulnerability has been resolved: net: fix out-of-bounds access in ops_init net_alloc_generic is called by net_alloc, which is called without any locking. It reads max_gen_ptrs, which is changed under pernet_ops_rwsem. It is read twice, first to allocate an array, then to set s.len, which is later used to limit the bounds of the array access. It is possible that the array is allocated and another thread is registering a new pernet ops, increments max_gen_ptrs, which is then used to set s.len with a larger than allocated length for the variable array. Fix it by reading max_gen_ptrs only once in net_alloc_generic. If max_gen_ptrs is later incremented, it will be caught in net_assign_generic.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x NONE 0
CVSS Version 3.x HIGH 7

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement
AlmaLinux 9.2 ESU kernel 5.14.0 7.0 HIGH Released CLSA-2025:1743193221 2024-09-02 17:23:11
CentOS 6 ELS kernel 2.6.32 7.0 HIGH Released CLSA-2024:1726655093 2024-09-26 12:40:25
CentOS 7 ELS kernel 3.10.0 7.0 HIGH Released CLSA-2024:1725389829 2024-09-17 12:29:14
CentOS 8.4 ELS kernel 4.18.0 7.0 HIGH Released CLSA-2024:1725872696 2024-09-09 05:23:23
CentOS 8.5 ELS kernel 4.18.0 7.0 HIGH Released CLSA-2024:1725876080 2024-09-09 12:13:07
CentOS Stream 8 ELS kernel 4.18.0 7.0 HIGH Released CLSA-2024:1725871927 2024-09-09 05:23:22
CloudLinux 6 ELS kernel 2.6.32 7.0 HIGH Ignored 2024-10-09 03:49:21
CloudLinux 7 ELS kernel 3.10.0 7.0 HIGH Ignored 2025-01-10 22:43:43
Oracle Linux 6 ELS kernel 2.6.32 7.0 HIGH Released CLSA-2024:1726609578 2024-09-17 22:39:10
RHEL 7 ELS kernel 3.10.0 7.0 HIGH Released CLSA-2025:1750353839 2025-06-20 00:27:36
Total: 13