Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLinuxCVELIST:CVE-2024-45030
HistorySep 11, 2024 - 3:14 p.m.

CVE-2024-45030 igb: cope with large MAX_SKB_FRAGS

2024-09-1115:14:00
Linux
www.cve.org
2
linux kernel
igb driver
vulnerability fix
max_skb_frags
payload corruption
bugzilla
shared info size
2k buffers

EPSS

0

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

igb: cope with large MAX_SKB_FRAGS

Sabrina reports that the igb driver does not cope well with large
MAX_SKB_FRAG values: setting MAX_SKB_FRAG to 45 causes payload
corruption on TX.

An easy reproducer is to run ssh to connect to the machine. With
MAX_SKB_FRAGS=17 it works, with MAX_SKB_FRAGS=45 it fails. This has
been reported originally in
https://bugzilla.redhat.com/show_bug.cgi?id=2265320

The root cause of the issue is that the driver does not take into
account properly the (possibly large) shared info size when selecting
the ring layout, and will try to fit two packets inside the same 4K
page even when the 1st fraglist will trump over the 2nd head.

Address the issue by checking if 2K buffers are insufficient.

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/ethernet/intel/igb/igb_main.c"
    ],
    "versions": [
      {
        "version": "3948b05950fd",
        "lessThan": "8ea80ff5d829",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "3948b05950fd",
        "lessThan": "b52bd8bcb9e8",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "3948b05950fd",
        "lessThan": "8aba27c4a502",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/ethernet/intel/igb/igb_main.c"
    ],
    "versions": [
      {
        "version": "6.4",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.4",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.6.48",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.10.7",
        "lessThanOrEqual": "6.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.11",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

debiancve 1
cve 1
osv 1
nvd 1
debiancve
debiancve
CVE-2024-45030
2024-09-11 16:15:07
cve
cve
CVE-2024-45030
2024-09-11 16:15:07
osv
osv
CVE-2024-45030
2024-09-11 16:15:07
nvd
nvd
CVE-2024-45030
2024-09-11 16:15:07

EPSS

0

Percentile

5.1%

JSON
Related for CVELIST:CVE-2024-45030
debiancve1cve1osv1nvd1