CVE - CVE-2024-40983

CVE-ID
CVE-2024-40983	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: tipc: force a dst refcount before doing decryption As it says in commit 3bc07321ccc2 ("xfrm: Force a dst refcount before entering the xfrm type handlers"): "Crypto requests might return asynchronous. In this case we leave the rcu protected region, so force a refcount on the skb's destination entry before we enter the xfrm type input/output handlers." On TIPC decryption path it has the same problem, and skb_dst_force() should be called before doing decryption to avoid a possible crash. Shuang reported this issue when this warning is triggered: [] WARNING: include/net/dst.h:337 tipc_sk_rcv+0x1055/0x1ea0 [tipc] [] Kdump: loaded Tainted: G W --------- - - 4.18.0-496.el8.x86_64+debug [] Workqueue: crypto cryptd_queue_worker [] RIP: 0010:tipc_sk_rcv+0x1055/0x1ea0 [tipc] [] Call Trace: [] tipc_sk_mcast_rcv+0x548/0xea0 [tipc] [] tipc_rcv+0xcf5/0x1060 [tipc] [] tipc_aead_decrypt_done+0x215/0x2e0 [tipc] [] cryptd_aead_crypt+0xdb/0x190 [] cryptd_queue_worker+0xed/0x190 [] process_one_work+0x93d/0x17e0
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/2ebe8f840c7450ecbfca9d18ac92e9ce9155e269 URL:https://git.kernel.org/stable/c/2ebe8f840c7450ecbfca9d18ac92e9ce9155e269 MISC:https://git.kernel.org/stable/c/3eb1b39627892c4e26cb0162b75725aa5fcc60c8 URL:https://git.kernel.org/stable/c/3eb1b39627892c4e26cb0162b75725aa5fcc60c8 MISC:https://git.kernel.org/stable/c/623c90d86a61e3780f682b32928af469c66ec4c2 URL:https://git.kernel.org/stable/c/623c90d86a61e3780f682b32928af469c66ec4c2 MISC:https://git.kernel.org/stable/c/6808b41371670c51feea14f63ade211e78100930 URL:https://git.kernel.org/stable/c/6808b41371670c51feea14f63ade211e78100930 MISC:https://git.kernel.org/stable/c/692803b39a36e63ac73208e0a3769ae6a2f9bc76 URL:https://git.kernel.org/stable/c/692803b39a36e63ac73208e0a3769ae6a2f9bc76 MISC:https://git.kernel.org/stable/c/b57a4a2dc8746cea58a922ebe31b6aa629d69d93 URL:https://git.kernel.org/stable/c/b57a4a2dc8746cea58a922ebe31b6aa629d69d93
Assigning CNA
kernel.org
Date Record Created
20240712	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240712)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)