Lucene search
416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2024-26844HistoryApr 17, 2024 - 10:15 a.m.
CVE-2024-26844
2024-04-1710:15:10
416baaa9-dc9f-4396-8d5f-8c081fb06d67
web.nvd.nist.gov
33
linux kernel
vulnerability
fix
_copy_from_iter
block layer
iovec
direction
sg_dxfer_to_from_dev
iterator
nvd
In the Linux kernel, the following vulnerability has been resolved:
block: Fix WARNING in _copy_from_iter
Syzkaller reports a warning in _copy_from_iter because an
iov_iter is supposedly used in the wrong direction. The reason
is that syzcaller managed to generate a request with
a transfer direction of SG_DXFER_TO_FROM_DEV. This instructs
the kernel to copy user buffers into the kernel, read into
the copied buffers and then copy the data back to user space.
Thus the iovec is used in both directions.
Detect this situation in the block layer and construct a new
iterator with the correct direction for the copy-in.
Affected configurations
Node
linuxlinux_kernelRange6.1.0–6.1.80
ORlinuxlinux_kernelRange6.2.0–6.6.19
ORlinuxlinux_kernelRange6.7.0–6.7.7
ORlinuxlinux_kernelRange6.8.0≥
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"block/blk-map.c"
],
"versions": [
{
"version": "1da177e4c3f4",
"lessThan": "8fc80874103a",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "0f1bae071de9",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "cbaf9be337f7",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "13f3956eb568",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"block/blk-map.c"
],
"versions": [
{
"version": "6.1.80",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.19",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.7",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2024-26844 block: Fix WARNING in _copy_from_iter
2024-04-17 10:10:08
ubuntucve
ubuntucve
CVE-2024-26844
2024-04-17 00:00:00
cvelist
cvelist
CVE-2024-26844 block: Fix WARNING in _copy_from_iter
2024-04-17 10:10:08
redhatcve
redhatcve
CVE-2024-26844
2024-04-17 17:30:42
nvd
nvd
CVE-2024-26844
2024-04-17 10:15:10
debiancve
debiancve
CVE-2024-26844
2024-04-17 10:15:10
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2135-1)
2024-06-22 00:00:00
RHEL 6 : kernel (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 7 : kernel (Unpatched Vulnerability)
2024-05-11 00:00:00