VDB

CISA-2024-42283

CISA-2024-42283 PUBLISHED

Reported by Linux · Published August 17, 2024

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Initialize all fields in dumped nexthops struct nexthop_grp contains two reserved fields that are not initialized by nla_put_nh_group(), and carry garbage. This can be observed e.g. with strace (edited for clarity): # ip nexthop add id 1 dev lo # ip nexthop add id 101 group 1 # strace -e recvmsg ip nexthop get id 101 ... recvmsg(... [{nla_len=12, nla_type=NHA_GROUP}, [{id=1, weight=0, resvd1=0x69, resvd2=0x67}]] ...) = 52 The fields are reserved and therefore not currently used. But as they are, they leak kernel memory, and the fact they are not just zero complicates repurposing of the fields for new ends. Initialize the full structure.

Affected Products

VendorProductVersions
LinuxLinux430a049190de3c9e219f43084de9f1122da04570, 430a049190de3c9e219f43084de9f1122da04570, 430a049190de3c9e219f43084de9f1122da04570
LinuxLinux5.3, 0, 5.4.282
LinuxLinux*, 430a049190de3c9e219f43084de9f1122da04570, 430a049190de3c9e219f43084de9f1122da04570
linuxlinux_kernel5.3, 5.3, 5.3

Timeline

  • Aug 17, 2024 CVE Published
  • Nov 3, 2025 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›