CVE-2024-39277

HIGH

Published 2024-06-21T11:15:13.559Z

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-39277. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1

7.8

/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Base Score Metrics

Exploitability: N/A Impact: N/A

EPSS Score

v2023.03.01

0.000

probability

of exploitation in the wild

There is a 0.0% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-01-25

Exploit Probability

Percentile: 0.051

Higher than 5.1% of all CVEs

Attack Vector Metrics

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Impact Metrics

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Description

In the Linux kernel, the following vulnerability has been resolved:

dma-mapping: benchmark: handle NUMA_NO_NODE correctly

cpumask_of_node() can be called for NUMA_NO_NODE inside do_map_benchmark()
resulting in the following sanitizer report:

UBSAN: array-index-out-of-bounds in ./arch/x86/include/asm/topology.h:72:28
index -1 is out of range for type 'cpumask [64][1]'
CPU: 1 PID: 990 Comm: dma_map_benchma Not tainted 6.9.0-rc6 #29
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)
Call Trace:
<TASK>
dump_stack_lvl (lib/dump_stack.c:117)
ubsan_epilogue (lib/ubsan.c:232)
__ubsan_handle_out_of_bounds (lib/ubsan.c:429)
cpumask_of_node (arch/x86/include/asm/topology.h:72) [inline]
do_map_benchmark (kernel/dma/map_benchmark.c:104)
map_benchmark_ioctl (kernel/dma/map_benchmark.c:246)
full_proxy_unlocked_ioctl (fs/debugfs/file.c:333)
__x64_sys_ioctl (fs/ioctl.c:890)
do_syscall_64 (arch/x86/entry/common.c:83)
entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)

Use cpumask_of_node() in place when binding a kernel thread to a cpuset
of a particular node.

Note that the provided node id is checked inside map_benchmark_ioctl().
It's just a NUMA_NO_NODE case which is not handled properly later.

Found by Linux Verification Center (linuxtesting.org).

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Linux

Affected Versions:

65789daa8087e125927230ccb7e1eab13999b0cf 65789daa8087e125927230ccb7e1eab13999b0cf 65789daa8087e125927230ccb7e1eab13999b0cf 65789daa8087e125927230ccb7e1eab13999b0cf 65789daa8087e125927230ccb7e1eab13999b0cf

Linux

Affected Versions:

5.11 0 5.15.161 6.1.93 6.6.33 6.9.4 6.10

linux

linux_kernel

Affected Versions:

5.11

linux

linux_kernel

Affected Versions:

65789daa8087 65789daa8087 65789daa8087 65789daa8087 65789daa8087

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-vjh2-m3m9-vp7g

Advisory Details

In the Linux kernel, the following vulnerability has been resolved: dma-mapping: benchmark: handle NUMA_NO_NODE correctly cpumask_of_node() can be called for NUMA_NO_NODE inside do_map_benchmark() resulting in the following sanitizer report: UBSAN: array-index-out-of-bounds in ./arch/x86/include/asm/topology.h:72:28 index -1 is out of range for type 'cpumask [64][1]' CPU: 1 PID: 990 Comm: dma_map_benchma Not tainted 6.9.0-rc6 #29 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) Call Trace: <TASK> dump_stack_lvl (lib/dump_stack.c:117) ubsan_epilogue (lib/ubsan.c:232) __ubsan_handle_out_of_bounds (lib/ubsan.c:429) cpumask_of_node (arch/x86/include/asm/topology.h:72) [inline] do_map_benchmark (kernel/dma/map_benchmark.c:104) map_benchmark_ioctl (kernel/dma/map_benchmark.c:246) full_proxy_unlocked_ioctl (fs/debugfs/file.c:333) __x64_sys_ioctl (fs/ioctl.c:890) do_syscall_64 (arch/x86/entry/common.c:83) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) Use cpumask_of_node() in place when binding a kernel thread to a cpuset of a particular node. Note that the provided node id is checked inside map_benchmark_ioctl(). It's just a NUMA_NO_NODE case which is not handled properly later. Found by Linux Verification Center (linuxtesting.org).

CVSS Scoring

CVSS Score

7.5

CVSS Vector


                                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-39277

WEB https://git.kernel.org/stable/c/50ee21bfc005e69f183d6b4b454e33f0c2571e1f

WEB https://git.kernel.org/stable/c/5a91116b003175302f2e6ad94b76fb9b5a141a41

WEB https://git.kernel.org/stable/c/8e1ba9df9a35e8dc64f657a64e523c79ba01e464

WEB https://git.kernel.org/stable/c/b41b0018e8ca06e985e87220a618ec633988fd13

WEB https://git.kernel.org/stable/c/e64746e74f717961250a155e14c156616fcd981f

Advisory provided by GitHub Security Advisory Database. Published: June 21, 2024, Modified: June 24, 2024

References

https://git.kernel.org/stable/c/b41b0018e8ca06e985e87220a618ec633988fd13

https://git.kernel.org/stable/c/8e1ba9df9a35e8dc64f657a64e523c79ba01e464

https://git.kernel.org/stable/c/5a91116b003175302f2e6ad94b76fb9b5a141a41

https://git.kernel.org/stable/c/50ee21bfc005e69f183d6b4b454e33f0c2571e1f

https://git.kernel.org/stable/c/e64746e74f717961250a155e14c156616fcd981f

Published: 2024-06-21T11:15:13.559Z

Last Modified: 2025-05-04T09:16:07.465Z

Copied to clipboard!

CVE-2024-39277

Expert Analysis

CVSS Score

EPSS Score

Attack Vector Metrics

Impact Metrics

Description

Available Exploits

Related News

Affected Products

Linux

Affected Versions:

Linux

Affected Versions:

linux_kernel

Affected Versions:

linux_kernel

Affected Versions:

GitHub Security Advisories

Advisory Details

CVSS Scoring

CVSS Score

CVSS Vector

References

References

Request Analysis

What to expect

Request Received!