Rapid7 Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2024-26863): Linux kernel vulnerabilities

Free InsightVM Trial No Credit Card Necessary

2024 Attack Intel Report Latest research by Rapid7 Labs

Back to Search

Ubuntu: (Multiple Advisories) (CVE-2024-26863): Linux kernel vulnerabilities

Severity

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

04/17/2024

Created

07/02/2024

Added

07/01/2024

Modified

07/18/2024

Description

In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in hsr_get_node() KMSAN reported the following uninit-value access issue [1]: ===================================================== BUG: KMSAN: uninit-value in hsr_get_node+0xa2e/0xa40 net/hsr/hsr_framereg.c:246 hsr_get_node+0xa2e/0xa40 net/hsr/hsr_framereg.c:246 fill_frame_info net/hsr/hsr_forward.c:577 [inline] hsr_forward_skb+0xe12/0x30e0 net/hsr/hsr_forward.c:615 hsr_dev_xmit+0x1a1/0x270 net/hsr/hsr_device.c:223 __netdev_start_xmit include/linux/netdevice.h:4940 [inline] netdev_start_xmit include/linux/netdevice.h:4954 [inline] xmit_one net/core/dev.c:3548 [inline] dev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564 __dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349 dev_queue_xmit include/linux/netdevice.h:3134 [inline] packet_xmit+0x9c/0x6b0 net/packet/af_packet.c:276 packet_snd net/packet/af_packet.c:3087 [inline] packet_sendmsg+0x8b1d/0x9f30 net/packet/af_packet.c:3119 sock_sendmsg_nosec net/socket.c:730 [inline] __sock_sendmsg net/socket.c:745 [inline] __sys_sendto+0x735/0xa10 net/socket.c:2191 __do_sys_sendto net/socket.c:2203 [inline] __se_sys_sendto net/socket.c:2199 [inline] __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x63/0x6b Uninit was created at: slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768 slab_alloc_node mm/slub.c:3478 [inline] kmem_cache_alloc_node+0x5e9/0xb10 mm/slub.c:3523 kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560 __alloc_skb+0x318/0x740 net/core/skbuff.c:651 alloc_skb include/linux/skbuff.h:1286 [inline] alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6334 sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2787 packet_alloc_skb net/packet/af_packet.c:2936 [inline] packet_snd net/packet/af_packet.c:3030 [inline] packet_sendmsg+0x70e8/0x9f30 net/packet/af_packet.c:3119 sock_sendmsg_nosec net/socket.c:730 [inline] __sock_sendmsg net/socket.c:745 [inline] __sys_sendto+0x735/0xa10 net/socket.c:2191 __do_sys_sendto net/socket.c:2203 [inline] __se_sys_sendto net/socket.c:2199 [inline] __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x63/0x6b CPU: 1 PID: 5033 Comm: syz-executor334 Not tainted 6.7.0-syzkaller-00562-g9f8413c4a66f #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 ===================================================== If the packet type ID field in the Ethernet header is either ETH_P_PRP or ETH_P_HSR, but it is not followed by an HSR tag, hsr_get_skb_sequence_nr() reads an invalid value as a sequence number. This causes the above issue. This patch fixes the issue by returning NULL if the Ethernet header is not followed by an HSR tag.

Solution(s)

ubuntu-upgrade-linux-image-5-15-0-1030-xilinx-zynqmp
ubuntu-upgrade-linux-image-5-15-0-1046-gkeop
ubuntu-upgrade-linux-image-5-15-0-1056-ibm
ubuntu-upgrade-linux-image-5-15-0-1057-ibm
ubuntu-upgrade-linux-image-5-15-0-1058-intel-iotg
ubuntu-upgrade-linux-image-5-15-0-1058-nvidia
ubuntu-upgrade-linux-image-5-15-0-1058-nvidia-lowlatency
ubuntu-upgrade-linux-image-5-15-0-1060-gke
ubuntu-upgrade-linux-image-5-15-0-1060-kvm
ubuntu-upgrade-linux-image-5-15-0-1061-oracle
ubuntu-upgrade-linux-image-5-15-0-1062-gcp
ubuntu-upgrade-linux-image-5-15-0-1063-aws
ubuntu-upgrade-linux-image-5-15-0-1065-azure-fde
ubuntu-upgrade-linux-image-5-15-0-1066-azure
ubuntu-upgrade-linux-image-5-15-0-110-lowlatency
ubuntu-upgrade-linux-image-5-15-0-110-lowlatency-64k
ubuntu-upgrade-linux-image-5-15-0-112-generic
ubuntu-upgrade-linux-image-5-15-0-112-generic-64k
ubuntu-upgrade-linux-image-5-15-0-112-generic-lpae
ubuntu-upgrade-linux-image-5-15-0-113-generic
ubuntu-upgrade-linux-image-5-15-0-113-generic-64k
ubuntu-upgrade-linux-image-5-15-0-113-generic-lpae
ubuntu-upgrade-linux-image-5-4-0-1047-xilinx-zynqmp
ubuntu-upgrade-linux-image-5-4-0-1075-ibm
ubuntu-upgrade-linux-image-5-4-0-1088-bluefield
ubuntu-upgrade-linux-image-5-4-0-1095-gkeop
ubuntu-upgrade-linux-image-5-4-0-1116-kvm
ubuntu-upgrade-linux-image-5-4-0-1127-oracle
ubuntu-upgrade-linux-image-5-4-0-1132-gcp
ubuntu-upgrade-linux-image-5-4-0-1133-azure
ubuntu-upgrade-linux-image-5-4-0-189-generic
ubuntu-upgrade-linux-image-5-4-0-189-generic-lpae
ubuntu-upgrade-linux-image-5-4-0-189-lowlatency
ubuntu-upgrade-linux-image-6-8-0-1004-gke
ubuntu-upgrade-linux-image-6-8-0-1005-raspi
ubuntu-upgrade-linux-image-6-8-0-1006-ibm
ubuntu-upgrade-linux-image-6-8-0-1006-oem
ubuntu-upgrade-linux-image-6-8-0-1006-oracle
ubuntu-upgrade-linux-image-6-8-0-1006-oracle-64k
ubuntu-upgrade-linux-image-6-8-0-1008-azure
ubuntu-upgrade-linux-image-6-8-0-1008-azure-fde
ubuntu-upgrade-linux-image-6-8-0-1008-gcp
ubuntu-upgrade-linux-image-6-8-0-1009-aws
ubuntu-upgrade-linux-image-6-8-0-35-generic
ubuntu-upgrade-linux-image-6-8-0-35-generic-64k
ubuntu-upgrade-linux-image-6-8-0-35-lowlatency
ubuntu-upgrade-linux-image-6-8-0-35-lowlatency-64k
ubuntu-upgrade-linux-image-aws
ubuntu-upgrade-linux-image-aws-lts-22-04
ubuntu-upgrade-linux-image-azure
ubuntu-upgrade-linux-image-azure-fde
ubuntu-upgrade-linux-image-azure-fde-lts-22-04
ubuntu-upgrade-linux-image-azure-lts-20-04
ubuntu-upgrade-linux-image-azure-lts-22-04
ubuntu-upgrade-linux-image-bluefield
ubuntu-upgrade-linux-image-gcp
ubuntu-upgrade-linux-image-gcp-lts-20-04
ubuntu-upgrade-linux-image-gcp-lts-22-04
ubuntu-upgrade-linux-image-generic
ubuntu-upgrade-linux-image-generic-64k
ubuntu-upgrade-linux-image-generic-64k-hwe-20-04
ubuntu-upgrade-linux-image-generic-64k-hwe-24-04
ubuntu-upgrade-linux-image-generic-hwe-18-04
ubuntu-upgrade-linux-image-generic-hwe-20-04
ubuntu-upgrade-linux-image-generic-hwe-24-04
ubuntu-upgrade-linux-image-generic-lpae
ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04
ubuntu-upgrade-linux-image-gke
ubuntu-upgrade-linux-image-gke-5-15
ubuntu-upgrade-linux-image-gkeop
ubuntu-upgrade-linux-image-gkeop-5-15
ubuntu-upgrade-linux-image-gkeop-5-4
ubuntu-upgrade-linux-image-ibm
ubuntu-upgrade-linux-image-ibm-classic
ubuntu-upgrade-linux-image-ibm-lts-20-04
ubuntu-upgrade-linux-image-ibm-lts-24-04
ubuntu-upgrade-linux-image-intel
ubuntu-upgrade-linux-image-intel-iotg
ubuntu-upgrade-linux-image-kvm
ubuntu-upgrade-linux-image-lowlatency
ubuntu-upgrade-linux-image-lowlatency-64k
ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04
ubuntu-upgrade-linux-image-lowlatency-hwe-18-04
ubuntu-upgrade-linux-image-lowlatency-hwe-20-04
ubuntu-upgrade-linux-image-nvidia
ubuntu-upgrade-linux-image-nvidia-lowlatency
ubuntu-upgrade-linux-image-oem
ubuntu-upgrade-linux-image-oem-20-04
ubuntu-upgrade-linux-image-oem-20-04b
ubuntu-upgrade-linux-image-oem-20-04c
ubuntu-upgrade-linux-image-oem-20-04d
ubuntu-upgrade-linux-image-oem-24-04
ubuntu-upgrade-linux-image-oem-24-04a
ubuntu-upgrade-linux-image-oem-osp1
ubuntu-upgrade-linux-image-oracle
ubuntu-upgrade-linux-image-oracle-64k
ubuntu-upgrade-linux-image-oracle-lts-20-04
ubuntu-upgrade-linux-image-oracle-lts-22-04
ubuntu-upgrade-linux-image-raspi
ubuntu-upgrade-linux-image-snapdragon-hwe-18-04
ubuntu-upgrade-linux-image-virtual
ubuntu-upgrade-linux-image-virtual-hwe-18-04
ubuntu-upgrade-linux-image-virtual-hwe-20-04
ubuntu-upgrade-linux-image-virtual-hwe-24-04
ubuntu-upgrade-linux-image-xilinx-zynqmp

References

https://attackerkb.com/topics/cve-2024-26863
CVE - 2024-26863
USN-6816-1
USN-6817-1
USN-6817-2
USN-6817-3
USN-6820-1
USN-6820-2
USN-6821-1
USN-6821-2
USN-6821-3
USN-6821-4
USN-6828-1
USN-6871-1
USN-6878-1
USN-6892-1
USN-6896-1
USN-6896-2
USN-6896-3

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2024-26863): Linux kernel vulnerabilities

Ubuntu: (Multiple Advisories) (CVE-2024-26863): Linux kernel vulnerabilities

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.