CVE-2024-56636

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-56636
In the Linux kernel, the following vulnerability has been resolved: geneve: do not assume mac header is set in geneve_xmit_skb() We should not assume mac header is set in output path. Use skb_eth_hdr() instead of eth_hdr() to fix the issue. sysbot reported the following : WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 skb_mac_header include/linux/skbuff.h:3052 [inline] WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 eth_hdr include/linux/if_ether.h:24 [inline] WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 geneve_xmit_skb drivers/net/geneve.c:898 [inline] WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 geneve_xmit+0x4c38/0x5730 drivers/net/geneve.c:1039 Modules linked in: CPU: 0 UID: 0 PID: 11635 Comm: syz.4.1423 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 RIP: 0010:skb_mac_header include/linux/skbuff.h:3052 [inline] RIP: 0010:eth_hdr include/linux/if_ether.h:24 [inline] RIP: 0010:geneve_xmit_skb drivers/net/geneve.c:898 [inline] RIP: 0010:geneve_xmit+0x4c38/0x5730 drivers/net/geneve.c:1039 Code: 21 c6 02 e9 35 d4 ff ff e8 a5 48 4c fb 90 0f 0b 90 e9 fd f5 ff ff e8 97 48 4c fb 90 0f 0b 90 e9 d8 f5 ff ff e8 89 48 4c fb 90 <0f> 0b 90 e9 41 e4 ff ff e8 7b 48 4c fb 90 0f 0b 90 e9 cd e7 ff ff RSP: 0018:ffffc90003b2f870 EFLAGS: 00010283 RAX: 000000000000037a RBX: 000000000000ffff RCX: ffffc9000dc3d000 RDX: 0000000000080000 RSI: ffffffff86428417 RDI: 0000000000000003 RBP: ffffc90003b2f9f0 R08: 0000000000000003 R09: 000000000000ffff R10: 000000000000ffff R11: 0000000000000002 R12: ffff88806603c000 R13: 0000000000000000 R14: ffff8880685b2780 R15: 0000000000000e23 FS: 00007fdc2deed6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000001b30a1dff8 CR3: 0000000056b8c000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> __netdev_start_xmit include/linux/netdevice.h:5002 [inline] netdev_start_xmit include/linux/netdevice.h:5011 [inline] __dev_direct_xmit+0x58a/0x720 net/core/dev.c:4490 dev_direct_xmit include/linux/netdevice.h:3181 [inline] packet_xmit+0x1e4/0x360 net/packet/af_packet.c:285 packet_snd net/packet/af_packet.c:3146 [inline] packet_sendmsg+0x2700/0x5660 net/packet/af_packet.c:3178 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg net/socket.c:726 [inline] __sys_sendto+0x488/0x4f0 net/socket.c:2197 __do_sys_sendto net/socket.c:2204 [inline] __se_sys_sendto net/socket.c:2200 [inline] __x64_sys_sendto+0xe0/0x1c0 net/socket.c:2200 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/177b72ed7c77b11e46dd4336d73a87a77a5603af Patch
https://git.kernel.org/stable/c/2ee7bdc7cb40abfe658a71fbd10c7db2f4fc4f9a Patch
https://git.kernel.org/stable/c/8588c99c7d47448fcae39e3227d6e2bb97aad86d Patch
https://git.kernel.org/stable/c/97ce3a4ec55eac6b5e2949ffb04028d604afda3b Patch
https://git.kernel.org/stable/c/b65958284401016b983078c68f70b047537f4aba Patch
https://git.kernel.org/stable/c/d9fa09ca004befe9cf826d6820439cb6f93cecd7 Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*
History

08 Oct 2025, 13:36

Type Values Removed Values Added
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
CWE NVD-CWE-noinfo
First Time Linux
Linux linux Kernel
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: geneve: no suponga que el encabezado mac está configurado en geneve_xmit_skb() No debemos asumir que el encabezado mac está configurado en la ruta de salida. Utilice skb_eth_hdr() en lugar de eth_hdr() para solucionar el problema. sysbot informó lo siguiente: ADVERTENCIA: CPU: 0 PID: 11635 en include/linux/skbuff.h:3052 skb_mac_header include/linux/skbuff.h:3052 [en línea] ADVERTENCIA: CPU: 0 PID: 11635 en include/linux/skbuff.h:3052 eth_hdr include/linux/if_ether.h:24 [en línea] ADVERTENCIA: CPU: 0 PID: 11635 en include/linux/skbuff.h:3052 geneve_xmit_skb drivers/net/geneve.c:898 [en línea] ADVERTENCIA: CPU: 0 PID: 11635 en include/linux/skbuff.h:3052 geneve_xmit+0x4c38/0x5730 drivers/net/geneve.c:1039 Módulos vinculados en: CPU: 0 UID: 0 PID: 11635 Comm: syz.4.1423 No contaminado 6.12.0-syzkaller-10296-gaaf20f870da0 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 13/09/2024 RIP: 0010:skb_mac_header include/linux/skbuff.h:3052 [en línea] RIP: 0010:eth_hdr include/linux/if_ether.h:24 [en línea] RIP: 0010:geneve_xmit_skb drivers/net/geneve.c:898 [en línea] RIP: 0010:geneve_xmit+0x4c38/0x5730 drivers/net/geneve.c:1039 Código: 21 c6 02 e9 35 d4 ff ff e8 a5 48 4c fb 90 0f 0b 90 e9 fd f5 ff ff e8 97 48 4c fb 90 0f 0b 90 e9 d8 f5 ff ff e8 89 48 4c fb 90 &lt;0f&gt; 0b 90 e9 41 e4 ff ff e8 7b 48 4c fb 90 0f 0b 90 e9 cd e7 ff ff RSP: 0018:ffffc90003b2f870 EFLAGS: 00010283 RAX: 000000000000037a RBX: 000000000000ffff RCX: ffffc9000dc3d000 RDX: 0000000000080000 RSI: ffffffff86428417 RDI: 0000000000000003 RBP: ffffc90003b2f9f0 R08: 000000000000003 R09: 000000000000ffff R10: 000000000000ffff R11: 000000000000002 R12: ffff88806603c000 R13: 0000000000000000 R14: ffff8880685b2780 R15: 0000000000000e23 FS: 00007fdc2deed6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000001b30a1dff8 CR3: 0000000056b8c000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Seguimiento de llamadas: __netdev_start_xmit include/linux/netdevice.h:5002 [en línea] netdev_start_xmit include/linux/netdevice.h:5011 [en línea] __dev_direct_xmit+0x58a/0x720 net/core/dev.c:4490 dev_direct_xmit include/linux/netdevice.h:3181 [en línea] packet_xmit+0x1e4/0x360 net/packet/af_packet.c:285 packet_snd net/packet/af_packet.c:3146 [en línea] packet_sendmsg+0x2700/0x5660 net/packet/af_packet.c:3178 sock_sendmsg_nosec net/socket.c:711 [en línea] __sock_sendmsg net/socket.c:726 [en línea] __sys_sendto+0x488/0x4f0 net/socket.c:2197 __do_sys_sendto net/socket.c:2204 [en línea] __se_sys_sendto net/socket.c:2200 [en línea] __x64_sys_sendto+0xe0/0x1c0 net/socket.c:2200 do_syscall_x64 arch/x86/entry/common.c:52 [en línea] hacer_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83 entrada_SYSCALL_64_after_hwframe+0x77/0x7f
References () https://git.kernel.org/stable/c/177b72ed7c77b11e46dd4336d73a87a77a5603af - () https://git.kernel.org/stable/c/177b72ed7c77b11e46dd4336d73a87a77a5603af - Patch
References () https://git.kernel.org/stable/c/2ee7bdc7cb40abfe658a71fbd10c7db2f4fc4f9a - () https://git.kernel.org/stable/c/2ee7bdc7cb40abfe658a71fbd10c7db2f4fc4f9a - Patch
References () https://git.kernel.org/stable/c/8588c99c7d47448fcae39e3227d6e2bb97aad86d - () https://git.kernel.org/stable/c/8588c99c7d47448fcae39e3227d6e2bb97aad86d - Patch
References () https://git.kernel.org/stable/c/97ce3a4ec55eac6b5e2949ffb04028d604afda3b - () https://git.kernel.org/stable/c/97ce3a4ec55eac6b5e2949ffb04028d604afda3b - Patch
References () https://git.kernel.org/stable/c/b65958284401016b983078c68f70b047537f4aba - () https://git.kernel.org/stable/c/b65958284401016b983078c68f70b047537f4aba - Patch
References () https://git.kernel.org/stable/c/d9fa09ca004befe9cf826d6820439cb6f93cecd7 - () https://git.kernel.org/stable/c/d9fa09ca004befe9cf826d6820439cb6f93cecd7 - Patch

27 Dec 2024, 15:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-12-27 15:15

Updated : 2025-10-08 13:36

NVD link : CVE-2024-56636

Mitre link : CVE-2024-56636

CVE.ORG link : CVE-2024-56636

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
NVD-CWE-noinfo