CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg

Description

In the Linux kernel, the following vulnerability has been resolved:

net/smc: check smcd_v2_ext_offset when receiving proposal msg

When receiving proposal msg in server, the field smcd_v2_ext_offset in
proposal msg is from the remote client and can not be fully trusted.
Once the value of smcd_v2_ext_offset exceed the max value, there has
the chance to access wrong address, and crash may happen.

This patch checks the value of smcd_v2_ext_offset before using it.

Classification

CVE ID: CVE-2024-47408

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 17.82% (scored less or equal to compared to others)

EPSS Date: 2025-02-09 (when was this score calculated)

References

https://git.kernel.org/stable/c/a36364d8d4fabb105001f992fb8ff2d3546203d6
https://git.kernel.org/stable/c/e1cc8be2a785a8f1ce1f597f3e608602c5fccd46
https://git.kernel.org/stable/c/935caf324b445fe73d7708fae6f7176fb243f357
https://git.kernel.org/stable/c/48d5a8a304a643613dab376a278f29d3e22f7c34
https://git.kernel.org/stable/c/9ab332deb671d8f7e66d82a2ff2b3f715bc3a4ad

Timeline

2025-01-12 00:30:20 UTC
CVE

net/smc: check smcd_v2_ext_offset when receiving proposal msg