Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vulnrichmentLinuxVULNRICHMENT:CVE-2024-26844
HistoryApr 17, 2024 - 10:10 a.m.

CVE-2024-26844 block: Fix WARNING in _copy_from_iter

2024-04-1710:10:08
Linux
github.com
linux kernel
vulnerability
block layer
syzkaller
iterator
data copy.

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

JSON

In the Linux kernel, the following vulnerability has been resolved:

block: Fix WARNING in _copy_from_iter

Syzkaller reports a warning in _copy_from_iter because an
iov_iter is supposedly used in the wrong direction. The reason
is that syzcaller managed to generate a request with
a transfer direction of SG_DXFER_TO_FROM_DEV. This instructs
the kernel to copy user buffers into the kernel, read into
the copied buffers and then copy the data back to user space.

Thus the iovec is used in both directions.

Detect this situation in the block layer and construct a new
iterator with the correct direction for the copy-in.

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "block/blk-map.c"
    ],
    "versions": [
      {
        "version": "1da177e4c3f4",
        "lessThan": "8fc80874103a",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "0f1bae071de9",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "cbaf9be337f7",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "13f3956eb568",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "block/blk-map.c"
    ],
    "versions": [
      {
        "version": "6.1.80",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.6.19",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.7.7",
        "lessThanOrEqual": "6.7.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.8",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

ubuntucve 1
cvelist 1
cve 1
redhatcve 1
nvd 1
debiancve 1
nessus 3
ubuntucve
ubuntucve
CVE-2024-26844
2024-04-17 00:00:00
cvelist
cvelist
CVE-2024-26844 block: Fix WARNING in _copy_from_iter
2024-04-17 10:10:08
cve
cve
CVE-2024-26844
2024-04-17 10:15:10
redhatcve
redhatcve
CVE-2024-26844
2024-04-17 17:30:42
nvd
nvd
CVE-2024-26844
2024-04-17 10:15:10
debiancve
debiancve
CVE-2024-26844
2024-04-17 10:15:10
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2135-1)
2024-06-22 00:00:00
RHEL 6 : kernel (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 7 : kernel (Unpatched Vulnerability)
2024-05-11 00:00:00

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

JSON
Related for VULNRICHMENT:CVE-2024-26844
ubuntucve1cvelist1cve1redhatcve1nvd1debiancve1nessus3