CVE-2024-53066

In the Linux kernel, the following vulnerability has been resolved: nfs: Fix KMSAN warning in decode_getfattr_attrs() Fix the following KMSAN warning: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B Tainted: [B]=BAD_PAGE Hardware name: QEMU Standard PC (Q35 + ICH9, 2009) ===================================================== ===================================================== BUG: KMSAN: uninit-value in decode_getfattr_attrs+0x2d6d/0x2f90 decode_getfattr_attrs+0x2d6d/0x2f90 decode_getfattr_generic+0x806/0xb00 nfs4_xdr_dec_getattr+0x1de/0x240 rpcauth_unwrap_resp_decode+0xab/0x100 rpcauth_unwrap_resp+0x95/0xc0 call_decode+0x4ff/0xb50 __rpc_execute+0x57b/0x19d0 rpc_execute+0x368/0x5e0 rpc_run_task+0xcfe/0xee0 nfs4_proc_getattr+0x5b5/0x990 __nfs_revalidate_inode+0x477/0xd00 nfs_access_get_cached+0x1021/0x1cc0 nfs_do_access+0x9f/0xae0 nfs_permission+0x1e4/0x8c0 inode_permission+0x356/0x6c0 link_path_walk+0x958/0x1330 path_lookupat+0xce/0x6b0 filename_lookup+0x23e/0x770 vfs_statx+0xe7/0x970 vfs_fstatat+0x1f2/0x2c0 __se_sys_newfstatat+0x67/0x880 __x64_sys_newfstatat+0xbd/0x120 x64_sys_call+0x1826/0x3cf0 do_syscall_64+0xd0/0x1b0 entry_SYSCALL_64_after_hwframe+0x77/0x7f The KMSAN warning is triggered in decode_getfattr_attrs(), when calling decode_attr_mdsthreshold(). It appears that fattr->mdsthreshold is not initialized. Fix the issue by initializing fattr->mdsthreshold to NULL in nfs_fattr_init().

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/25ffd294fef81a7f3cd9528adf21560c04d98747	Patch
https://git.kernel.org/stable/c/8fc5ea9231af9122d227c9c13f5e578fca48d2e3	Patch
https://git.kernel.org/stable/c/9b453e8b108a5a93a6e348cf2ba4c9c138314a00	Patch
https://git.kernel.org/stable/c/9be0a21ae52b3b822d0eec4d14e909ab394f8a92	Patch
https://git.kernel.org/stable/c/bbfcd261cc068fe1cd02a4e871275074a0daa4e2	Patch
https://git.kernel.org/stable/c/dc270d7159699ad6d11decadfce9633f0f71c1db	Patch
https://git.kernel.org/stable/c/f6b2b2b981af8e7d7c62d34143acefa4e1edfe8b	Patch
https://git.kernel.org/stable/c/f749cb60a01f8391c760a1d6ecd938cadacf9549	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc6::::::

History

25 Nov 2024, 21:03

Type	Values Removed	Values Added
CWE		CWE-908
CPE		cpe:2.3:o:linux:linux_kernel:6.12:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc2:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.12:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc3::::::
First Time		Linux linux Kernel Linux
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
References	~~() https://git.kernel.org/stable/c/25ffd294fef81a7f3cd9528adf21560c04d98747 -~~	() https://git.kernel.org/stable/c/25ffd294fef81a7f3cd9528adf21560c04d98747 - Patch
References	~~() https://git.kernel.org/stable/c/8fc5ea9231af9122d227c9c13f5e578fca48d2e3 -~~	() https://git.kernel.org/stable/c/8fc5ea9231af9122d227c9c13f5e578fca48d2e3 - Patch
References	~~() https://git.kernel.org/stable/c/9b453e8b108a5a93a6e348cf2ba4c9c138314a00 -~~	() https://git.kernel.org/stable/c/9b453e8b108a5a93a6e348cf2ba4c9c138314a00 - Patch
References	~~() https://git.kernel.org/stable/c/9be0a21ae52b3b822d0eec4d14e909ab394f8a92 -~~	() https://git.kernel.org/stable/c/9be0a21ae52b3b822d0eec4d14e909ab394f8a92 - Patch
References	~~() https://git.kernel.org/stable/c/bbfcd261cc068fe1cd02a4e871275074a0daa4e2 -~~	() https://git.kernel.org/stable/c/bbfcd261cc068fe1cd02a4e871275074a0daa4e2 - Patch
References	~~() https://git.kernel.org/stable/c/dc270d7159699ad6d11decadfce9633f0f71c1db -~~	() https://git.kernel.org/stable/c/dc270d7159699ad6d11decadfce9633f0f71c1db - Patch
References	~~() https://git.kernel.org/stable/c/f6b2b2b981af8e7d7c62d34143acefa4e1edfe8b -~~	() https://git.kernel.org/stable/c/f6b2b2b981af8e7d7c62d34143acefa4e1edfe8b - Patch
References	~~() https://git.kernel.org/stable/c/f749cb60a01f8391c760a1d6ecd938cadacf9549 -~~	() https://git.kernel.org/stable/c/f749cb60a01f8391c760a1d6ecd938cadacf9549 - Patch
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nfs: Corrige la advertencia de KMSAN en decode_getfattr_attrs() Corrige la siguiente advertencia de KMSAN: CPU: 1 UID: 0 PID: 7651 Comm: cp Contaminado: GB Contaminado: [B]=BAD_PAGE Nombre del hardware: QEMU Standard PC (Q35 + ICH9, 2009) ====================================================== ============================================================= ERROR: KMSAN: valor no inicializado en decodificar_getfattr_attrs+0x2d6d/0x2f90 decodificar_getfattr_attrs+0x2d6d/0x2f90 decodificar_getfattr_generic+0x806/0xb00 nfs4_xdr_dec_getattr+0x1de/0x240 rpcauth_unwrap_resp_decode+0xab/0x100 rpcauth_unwrap_resp+0x95/0xc0 llamar_decodificar+0x4ff/0xb50 __rpc_execute+0x57b/0x19d0 rpc_execute+0x368/0x5e0 rpc_run_task+0xcfe/0xee0 nfs4_proc_getattr+0x5b5/0x990 __nfs_revalidate_inode+0x477/0xd00 nfs_access_get_cached+0x1021/0x1cc0 nfs_do_access+0x9f/0xae0 nfs_permission+0x1e4/0x8c0 inode_permission+0x356/0x6c0 link_path_walk+0x958/0x1330 path_lookupat+0xce/0x6b0 filename_lookup+0x23e/0x770 vfs_statx+0xe7/0x970 vfs_fstatat+0x1f2/0x2c0 __se_sys_newfstatat+0x67/0x880 __x64_sys_newfstatat+0xbd/0x120 La advertencia de KMSAN se activa en decode_getfattr_attrs(), al llamar a decode_attr_mdsthreshold(). Parece que fattr->mdsthreshold no está inicializado. Solucione el problema inicializando fattr->mdsthreshold en NULL en nfs_fattr_init().

19 Nov 2024, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-19 18:15

Updated : 2024-11-25 21:03

NVD link : CVE-2024-53066

Mitre link : CVE-2024-53066

CVE.ORG link : CVE-2024-53066

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-908

Use of Uninitialized Resource

5.5 /10