CVE-2024-44940: fou: remove warn in gue_gro_receive on unsupported protocol

Description

In the Linux kernel, the following vulnerability has been resolved:

fou: remove warn in gue_gro_receive on unsupported protocol

Drop the WARN_ON_ONCE inn gue_gro_receive if the encapsulated type is
not known or does not have a GRO handler.

Such a packet is easily constructed. Syzbot generates them and sets
off this warning.

Remove the warning as it is expected and not actionable.

The warning was previously reduced from WARN_ON to WARN_ON_ONCE in
commit 270136613bf7 ("fou: Do WARN_ON_ONCE in gue_gro_receive for bad
proto callbacks").

Classification

CVE ID: CVE-2024-44940

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 5.08% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://git.kernel.org/stable/c/b1453a5616c7bd8acd90633ceba4e59105ba3b51
https://git.kernel.org/stable/c/5a2e37bc648a2503bf6d687aed27b9f4455d82eb
https://git.kernel.org/stable/c/3db4395332e7050ef9ddeb3052e6b5019f2a2a59
https://git.kernel.org/stable/c/440ab7f97261bc28501636a13998e1b1946d2e79
https://git.kernel.org/stable/c/dd89a81d850fa9a65f67b4527c0e420d15bf836c

Timeline

2024-12-15 00:30:18 UTC
CVE

fou: remove warn in gue_gro_receive on unsupported protocol