CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-49886: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug

5.5 CVSS

Description

In the Linux kernel, the following vulnerability has been resolved:

platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug

Attaching SST PCI device to VM causes "BUG: KASAN: slab-out-of-bounds".
kasan report:
[ 19.411889] ==================================================================
[ 19.413702] BUG: KASAN: slab-out-of-bounds in _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]
[ 19.415634] Read of size 8 at addr ffff888829e65200 by task cpuhp/16/113
[ 19.417368]
[ 19.418627] CPU: 16 PID: 113 Comm: cpuhp/16 Tainted: G E 6.9.0 #10
[ 19.420435] Hardware name: VMware, Inc. VMware20,1/440BX Desktop Reference Platform, BIOS VMW201.00V.20192059.B64.2207280713 07/28/2022
[ 19.422687] Call Trace:
[ 19.424091]
[ 19.425448] dump_stack_lvl+0x5d/0x80
[ 19.426963] ? _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]
[ 19.428694] print_report+0x19d/0x52e
[ 19.430206] ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[ 19.431837] ? _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]
[ 19.433539] kasan_report+0xf0/0x170
[ 19.435019] ? _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]
[ 19.436709] _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]
[ 19.438379] ? __pfx_sched_clock_cpu+0x10/0x10
[ 19.439910] isst_if_cpu_online+0x406/0x58f [isst_if_common]
[ 19.441573] ? __pfx_isst_if_cpu_online+0x10/0x10 [isst_if_common]
[ 19.443263] ? ttwu_queue_wakelist+0x2c1/0x360
[ 19.444797] cpuhp_invoke_callback+0x221/0xec0
[ ...

Classification

CVE ID: CVE-2024-49886

CVSS Base Severity: MEDIUM

CVSS Base Score: 5.5

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 10.17% (scored less or equal to compared to others)

EPSS Date: 2025-06-02 (when was this score calculated)

Stakeholder-Specific Vulnerability Categorization (SSVC)

SSVC Exploitation: none

SSVC Technical Impact: partial

SSVC Automatable: false

References

https://nvd.nist.gov/vuln/detail/CVE-2024-49886
https://git.kernel.org/stable/c/1973c4d8ee0782a808303d75e3be9c12baaacd97
https://git.kernel.org/stable/c/cdd03afcb6eda3103da5a0948d3db12372f62910
https://git.kernel.org/stable/c/8176d4878ed2af5d93ddd0e971e24c412124d38b
https://git.kernel.org/stable/c/cebc705b097d5c16469b141a25e840161d1c517a
https://git.kernel.org/stable/c/afa7f78d9a907cfded6c98c91aae2bf7b3b56e51
https://git.kernel.org/stable/c/7d59ac07ccb58f8f604f8057db63b8efcebeb3de

Timeline

2025-03-06 09:45:34 UTC
Tenable Plugins

Linux Distros Unpatched Vulnerability : CVE-2024-49886
2025-05-04 10:40:20 UTC
CVE

platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug