Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveLinuxCVE-2024-40983
HistoryJul 12, 2024 - 1:15 p.m.

CVE-2024-40983

2024-07-1213:15:19
Linux
web.nvd.nist.gov
37
linux kernel
vulnerability
cve-2024-40983
tipc
decryption
security advisory

AI Score

6.5

Confidence

High

EPSS

0

Percentile

10.6%

JSON

In the Linux kernel, the following vulnerability has been resolved:

tipc: force a dst refcount before doing decryption

As it says in commit 3bc07321ccc2 (“xfrm: Force a dst refcount before
entering the xfrm type handlers”):

“Crypto requests might return asynchronous. In this case we leave the
rcu protected region, so force a refcount on the skb’s destination
entry before we enter the xfrm type input/output handlers.”

On TIPC decryption path it has the same problem, and skb_dst_force()
should be called before doing decryption to avoid a possible crash.

Shuang reported this issue when this warning is triggered:

[] WARNING: include/net/dst.h:337 tipc_sk_rcv+0x1055/0x1ea0 [tipc]
[] Kdump: loaded Tainted: G W --------- - - 4.18.0-496.el8.x86_64+debug
[] Workqueue: crypto cryptd_queue_worker
[] RIP: 0010:tipc_sk_rcv+0x1055/0x1ea0 [tipc]
[] Call Trace:
[] tipc_sk_mcast_rcv+0x548/0xea0 [tipc]
[] tipc_rcv+0xcf5/0x1060 [tipc]
[] tipc_aead_decrypt_done+0x215/0x2e0 [tipc]
[] cryptd_aead_crypt+0xdb/0x190
[] cryptd_queue_worker+0xed/0x190
[] process_one_work+0x93d/0x17e0

Affected configurations

Vulners
Node
linuxlinux_kernelRange5.55.10.221
OR
linuxlinux_kernelRange5.11.05.15.162
OR
linuxlinux_kernelRange5.16.06.1.96
OR
linuxlinux_kernelRange6.2.06.6.36
OR
linuxlinux_kernelRange6.7.06.9.7
OR
linuxlinux_kernelRange6.10.0
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/tipc/node.c"
    ],
    "versions": [
      {
        "version": "fc1b6d6de220",
        "lessThan": "3eb1b3962789",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "fc1b6d6de220",
        "lessThan": "692803b39a36",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "fc1b6d6de220",
        "lessThan": "623c90d86a61",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "fc1b6d6de220",
        "lessThan": "b57a4a2dc874",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "fc1b6d6de220",
        "lessThan": "6808b4137167",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "fc1b6d6de220",
        "lessThan": "2ebe8f840c74",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/tipc/node.c"
    ],
    "versions": [
      {
        "version": "5.5",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.5",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.10.221",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.15.162",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.1.96",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.6.36",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.9.7",
        "lessThanOrEqual": "6.9.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.10",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

cvelist 1
redhatcve 1
ubuntucve 1
nvd 1
debiancve 1
osv 10
vulnrichment 1
nessus 14
redhat 3
oraclelinux 2
openvas 9
cvelist
cvelist
CVE-2024-40983 tipc: force a dst refcount before doing decryption
2024-07-12 12:33:57
redhatcve
redhatcve
CVE-2024-40983
2024-07-16 18:55:29
ubuntucve
ubuntucve
CVE-2024-40983
2024-07-12 00:00:00
nvd
nvd
CVE-2024-40983
2024-07-12 13:15:19
debiancve
debiancve
CVE-2024-40983
2024-07-12 13:15:19
osv
osv
CVE-2024-40983
2024-07-12 13:15:00
linux - security update
2024-07-16 00:00:00
linux - security update
2024-07-15 00:00:00
vulnrichment
vulnrichment
CVE-2024-40983 tipc: force a dst refcount before doing decryption
2024-07-12 12:33:57
nessus
nessus
RHEL 9 : kernel-rt (RHSA-2024:6268)
2024-09-04 00:00:00
RHEL 9 : kernel (RHSA-2024:6267)
2024-09-04 00:00:00
Oracle Linux 9 : kernel (ELSA-2024-5928)
2024-08-29 00:00:00
redhat
redhat
(RHSA-2024:6267) Moderate: kernel security update
2024-09-04 00:06:41
(RHSA-2024:6268) Moderate: kernel-rt security update
2024-09-04 00:06:53
(RHSA-2024:5928) Important: kernel security update
2024-08-28 11:05:30
oraclelinux
oraclelinux
kernel security update
2024-08-28 00:00:00
Unbreakable Enterprise kernel security update
2024-09-12 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5731-1)
2024-07-17 00:00:00
Debian: Security Advisory (DSA-5730-1)
2024-07-16 00:00:00
Ubuntu: Security Advisory (USN-7004-1)
2024-09-13 00:00:00

AI Score

6.5

Confidence

High

EPSS

0

Percentile

10.6%

JSON
Related for CVE-2024-40983
cvelist1redhatcve1ubuntucve1nvd1debiancve1osv10vulnrichment1nessus14redhat3oraclelinux2openvas9