{
  "threat_severity" : "Moderate",
  "public_date" : "2024-07-29T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: xdp: Remove WARN() from __xdp_reg_mem_model()",
    "id" : "2300520",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2300520"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-770",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nxdp: Remove WARN() from __xdp_reg_mem_model()\nsyzkaller reports a warning in __xdp_reg_mem_model().\nThe warning occurs only if __mem_id_init_hash_table() returns an error. It\nreturns the error in two cases:\n1. memory allocation fails;\n2. rhashtable_init() fails when some fields of rhashtable_params\nstruct are not initialized properly.\nThe second case cannot happen since there is a static const rhashtable_params\nstruct with valid fields. So, warning is only triggered when there is a\nproblem with memory allocation.\nThus, there is no sense in using WARN() to handle this error and it can be\nsafely removed.\nWARNING: CPU: 0 PID: 5065 at net/core/xdp.c:299 __xdp_reg_mem_model+0x2d9/0x650 net/core/xdp.c:299\nCPU: 0 PID: 5065 Comm: syz-executor883 Not tainted 6.8.0-syzkaller-05271-gf99c5f563c17 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nRIP: 0010:__xdp_reg_mem_model+0x2d9/0x650 net/core/xdp.c:299\nCall Trace:\nxdp_reg_mem_model+0x22/0x40 net/core/xdp.c:344\nxdp_test_run_setup net/bpf/test_run.c:188 [inline]\nbpf_test_run_xdp_live+0x365/0x1e90 net/bpf/test_run.c:377\nbpf_prog_test_run_xdp+0x813/0x11b0 net/bpf/test_run.c:1267\nbpf_prog_test_run+0x33a/0x3b0 kernel/bpf/syscall.c:4240\n__sys_bpf+0x48d/0x810 kernel/bpf/syscall.c:5649\n__do_sys_bpf kernel/bpf/syscall.c:5738 [inline]\n__se_sys_bpf kernel/bpf/syscall.c:5736 [inline]\n__x64_sys_bpf+0x7c/0x90 kernel/bpf/syscall.c:5736\ndo_syscall_64+0xfb/0x240\nentry_SYSCALL_64_after_hwframe+0x6d/0x75\nFound by Linux Verification Center (linuxtesting.org) with syzkaller.", "A flaw was found in the Linux kernel's xdp subsystem in the __xdp_reg_mem_model() function where a memory allocation failure will trigger a warning if the function __mem_id_init_hash_table() returns an error.\nThis warning is unnecessary as it elevates the severity of a memory allocation failure and pollutes the kernel log with redundant and unnecessary warnings, decreasing the readability of system logs." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-09-11T00:00:00Z",
    "advisory" : "RHSA-2024:6567",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-427.35.1.el9_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-09-11T00:00:00Z",
    "advisory" : "RHSA-2024:6567",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-427.35.1.el9_4"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Will not fix",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Will not fix",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-42082\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-42082\nhttps://lore.kernel.org/linux-cve-announce/2024072956-CVE-2024-42082-8411@gregkh/T" ],
  "name" : "CVE-2024-42082",
  "csaw" : false
}