{"uuid": "7ebd2f6e-6935-4432-9785-5222c43a94c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43878", "type": "seen", "source": "https://t.me/cvedetector/3709", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43878 - Linux Kernel xfrm Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43878 \nPublished : Aug. 21, 2024, 1:15 a.m. | 37\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nxfrm: Fix input error path memory access  \n  \nWhen there is a misconfiguration of input state slow path  \nKASAN report error. Fix this error.  \nwest login:  \n[   52.987278] eth1: renamed from veth11  \n[   53.078814] eth1: renamed from veth21  \n[   53.181355] eth1: renamed from veth31  \n[   54.921702] ==================================================================  \n[   54.922602] BUG: KASAN: wild-memory-access in xfrmi_rcv_cb+0x2d/0x295  \n[   54.923393] Read of size 8 at addr 6b6b6b6b00000000 by task ping/512  \n[   54.924169]  \n[   54.924386] CPU: 0 PID: 512 Comm: ping Not tainted 6.9.0-08574-gcd29a4313a1b #25  \n[   54.925290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014  \n[   54.926401] Call Trace:  \n[   54.926731]    \n[   54.927009]  dump_stack_lvl+0x2a/0x3b  \n[   54.927478]  kasan_report+0x84/0xa6  \n[   54.927930]  ? xfrmi_rcv_cb+0x2d/0x295  \n[   54.928410]  xfrmi_rcv_cb+0x2d/0x295  \n[   54.928872]  ? xfrm4_rcv_cb+0x3d/0x5e  \n[   54.929354]  xfrm4_rcv_cb+0x46/0x5e  \n[   54.929804]  xfrm_rcv_cb+0x7e/0xa1  \n[   54.930240]  xfrm_input+0x1b3a/0x1b96  \n[   54.930715]  ? xfrm_offload+0x41/0x41  \n[   54.931182]  ? raw_rcv+0x292/0x292  \n[   54.931617]  ? nf_conntrack_confirm+0xa2/0xa2  \n[   54.932158]  ? skb_sec_path+0xd/0x3f  \n[   54.932610]  ? xfrmi_input+0x90/0xce  \n[   54.933066]  xfrm4_esp_rcv+0x33/0x54  \n[   54.933521]  ip_protocol_deliver_rcu+0xd7/0x1b2  \n[   54.934089]  ip_local_deliver_finish+0x110/0x120  \n[   54.934659]  ? ip_protocol_deliver_rcu+0x1b2/0x1b2  \n[   54.935248]  NF_HOOK.constprop.0+0xf8/0x138  \n[   54.935767]  ? ip_sublist_rcv_finish+0x68/0x68  \n[   54.936317]  ? secure_tcpv6_ts_off+0x23/0x168  \n[   54.936859]  ? ip_protocol_deliver_rcu+0x1b2/0x1b2  \n[   54.937454]  ? __xfrm_policy_check2.constprop.0+0x18d/0x18d  \n[   54.938135]  NF_HOOK.constprop.0+0xf8/0x138  \n[   54.938663]  ? ip_sublist_rcv_finish+0x68/0x68  \n[   54.939220]  ? __xfrm_policy_check2.constprop.0+0x18d/0x18d  \n[   54.939904]  ? ip_local_deliver_finish+0x120/0x120  \n[   54.940497]  __netif_receive_skb_one_core+0xc9/0x107  \n[   54.941121]  ? __netif_receive_skb_list_core+0x1c2/0x1c2  \n[   54.941771]  ? blk_mq_start_stopped_hw_queues+0xc7/0xf9  \n[   54.942413]  ? blk_mq_start_stopped_hw_queue+0x38/0x38  \n[   54.943044]  ? virtqueue_get_buf_ctx+0x295/0x46b  \n[   54.943618]  process_backlog+0xb3/0x187  \n[   54.944102]  __napi_poll.constprop.0+0x57/0x1a7  \n[   54.944669]  net_rx_action+0x1cb/0x380  \n[   54.945150]  ? __napi_poll.constprop.0+0x1a7/0x1a7  \n[   54.945744]  ? vring_new_virtqueue+0x17a/0x17a  \n[   54.946300]  ? note_interrupt+0x2cd/0x367  \n[   54.946805]  handle_softirqs+0x13c/0x2c9  \n[   54.947300]  do_softirq+0x5f/0x7d  \n[   54.947727]    \n[   54.948014]    \n[   54.948300]  __local_bh_enable_ip+0x48/0x62  \n[   54.948832]  __neigh_event_send+0x3fd/0x4ca  \n[   54.949361]  neigh_resolve_output+0x1e/0x210  \n[   54.949896]  ip_finish_output2+0x4bf/0x4f0  \n[   54.950410]  ? __ip_finish_output+0x171/0x1b8  \n[   54.950956]  ip_send_skb+0x25/0x57  \n[   54.951390]  raw_sendmsg+0xf95/0x10c0  \n[   54.951850]  ? check_new_pages+0x45/0x71  \n[   54.952343]  ? raw_hash_sk+0x21b/0x21b  \n[   54.952815]  ? kernel_init_pages+0x42/0x51  \n[   54.953337]  ? prep_new_page+0x44/0x51  \n[   54.953811]  ? get_page_from_freelist+0x72b/0x915  \n[   54.954390]  ? signal_pending_state+0x77/0x77  \n[   54.954936]  ? preempt_count_sub+0x14/0xb3  \n[   54.955450]  ? __might_resched+0x8a/0x240  \n[   54.955951]  ? __might_sleep+0x25/0xa0  \n[   54.956424]  ? first_zones_zonelist+0x2c/0x43  \n[   54.956977]  ? __rcu_read_lock+0x2d/0x3a  \n[   54.957476]  ? __pte_offset_map+0x32/0xa4  \n[   54.957980]  ? __might_resched+0x8a/0x240  \n[   54.958483]  ? __might_sleep+0x25/0xa0  \n[   54.958963]  ? inet_send_prepare+[...]", "creation_timestamp": "2024-08-21T04:00:33.000000Z"}