CVE - CVE-2024-39277

CVE-ID
CVE-2024-39277	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: dma-mapping: benchmark: handle NUMA_NO_NODE correctly cpumask_of_node() can be called for NUMA_NO_NODE inside do_map_benchmark() resulting in the following sanitizer report: UBSAN: array-index-out-of-bounds in ./arch/x86/include/asm/topology.h:72:28 index -1 is out of range for type 'cpumask [64][1]' CPU: 1 PID: 990 Comm: dma_map_benchma Not tainted 6.9.0-rc6 #29 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) Call Trace: <TASK> dump_stack_lvl (lib/dump_stack.c:117) ubsan_epilogue (lib/ubsan.c:232) __ubsan_handle_out_of_bounds (lib/ubsan.c:429) cpumask_of_node (arch/x86/include/asm/topology.h:72) [inline] do_map_benchmark (kernel/dma/map_benchmark.c:104) map_benchmark_ioctl (kernel/dma/map_benchmark.c:246) full_proxy_unlocked_ioctl (fs/debugfs/file.c:333) __x64_sys_ioctl (fs/ioctl.c:890) do_syscall_64 (arch/x86/entry/common.c:83) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) Use cpumask_of_node() in place when binding a kernel thread to a cpuset of a particular node. Note that the provided node id is checked inside map_benchmark_ioctl(). It's just a NUMA_NO_NODE case which is not handled properly later. Found by Linux Verification Center (linuxtesting.org).
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/50ee21bfc005e69f183d6b4b454e33f0c2571e1f URL:https://git.kernel.org/stable/c/50ee21bfc005e69f183d6b4b454e33f0c2571e1f MISC:https://git.kernel.org/stable/c/5a91116b003175302f2e6ad94b76fb9b5a141a41 URL:https://git.kernel.org/stable/c/5a91116b003175302f2e6ad94b76fb9b5a141a41 MISC:https://git.kernel.org/stable/c/8e1ba9df9a35e8dc64f657a64e523c79ba01e464 URL:https://git.kernel.org/stable/c/8e1ba9df9a35e8dc64f657a64e523c79ba01e464 MISC:https://git.kernel.org/stable/c/b41b0018e8ca06e985e87220a618ec633988fd13 URL:https://git.kernel.org/stable/c/b41b0018e8ca06e985e87220a618ec633988fd13 MISC:https://git.kernel.org/stable/c/e64746e74f717961250a155e14c156616fcd981f URL:https://git.kernel.org/stable/c/e64746e74f717961250a155e14c156616fcd981f
Assigning CNA
kernel.org
Date Record Created
20240621	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240621)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)