CVE-2024-53094

{"id": "CVE-2024-53094", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-11-21T19:15:12.680", "references": [{"url": "https://git.kernel.org/stable/c/3406bfc813a9bbd9c3055795e985f527b7852e8c", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/4e1e3dd88a4cedd5ccc1a3fc3d71e03b70a7a791", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/bb5738957d92c8603a90c9664d34236641c221b2", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES\n\nWhile running ISER over SIW, the initiator machine encounters a warning\nfrom skb_splice_from_iter() indicating that a slab page is being used in\nsend_page. To address this, it is better to add a sendpage_ok() check\nwithin the driver itself, and if it returns 0, then MSG_SPLICE_PAGES flag\nshould be disabled before entering the network stack.\n\nA similar issue has been discussed for NVMe in this thread:\nhttps://lore.kernel.org/all/20240530142417.146696-1-ofir.gal@volumez.com/\n\n WARNING: CPU: 0 PID: 5342 at net/core/skbuff.c:7140 skb_splice_from_iter+0x173/0x320\n Call Trace:\n tcp_sendmsg_locked+0x368/0xe40\n siw_tx_hdt+0x695/0xa40 [siw]\n siw_qp_sq_process+0x102/0xb00 [siw]\n siw_sq_resume+0x39/0x110 [siw]\n siw_run_sq+0x74/0x160 [siw]\n kthread+0xd2/0x100\n ret_from_fork+0x34/0x40\n ret_from_fork_asm+0x1a/0x30"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: RDMA/siw: Agregar la comprobaci\u00f3n sendpage_ok() para deshabilitar MSG_SPLICE_PAGES Mientras se ejecuta ISER sobre SIW, la m\u00e1quina iniciadora encuentra una advertencia de skb_splice_from_iter() que indica que se est\u00e1 utilizando una p\u00e1gina slab en send_page. Para solucionar esto, es mejor agregar una comprobaci\u00f3n sendpage_ok() dentro del propio controlador y, si devuelve 0, entonces se debe deshabilitar el indicador MSG_SPLICE_PAGES antes de ingresar a la pila de red. Se ha discutido un problema similar para NVMe en este hilo: https://lore.kernel.org/all/20240530142417.146696-1-ofir.gal@volumez.com/ ADVERTENCIA: CPU: 0 PID: 5342 en net/core/skbuff.c:7140 skb_splice_from_iter+0x173/0x320 Seguimiento de llamadas: tcp_sendmsg_locked+0x368/0xe40 siw_tx_hdt+0x695/0xa40 [siw] siw_qp_sq_process+0x102/0xb00 [siw] siw_sq_resume+0x39/0x110 [siw] siw_run_sq+0x74/0x160 [siw] kthread+0xd2/0x100 ret_de_la_bifurcaci\u00f3n+0x34/0x40 ret_de_la_bifurcaci\u00f3n_asm+0x1a/0x30"}], "lastModified": "2024-12-24T15:07:35.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6074648-EE3E-4378-87E7-509F45D0245A", "versionEndExcluding": "6.6.62"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "759504D4-BE53-492C-BA9B-70F6A9F409CA", "versionEndExcluding": "6.11.9", "versionStartIncluding": "6.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}