CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-54031: netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext

Description

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext

Access to genmask field in struct nft_set_ext results in unaligned
atomic read:

[ 72.130109] Unable to handle kernel paging request at virtual address ffff0000c2bb708c
[ 72.131036] Mem abort info:
[ 72.131213] ESR = 0x0000000096000021
[ 72.131446] EC = 0x25: DABT (current EL), IL = 32 bits
[ 72.132209] SET = 0, FnV = 0
[ 72.133216] EA = 0, S1PTW = 0
[ 72.134080] FSC = 0x21: alignment fault
[ 72.135593] Data abort info:
[ 72.137194] ISV = 0, ISS = 0x00000021, ISS2 = 0x00000000
[ 72.142351] CM = 0, WnR = 0, TnD = 0, TagAccess = 0
[ 72.145989] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[ 72.150115] swapper pgtable: 4k pages, 48-bit VAs, pgdp=0000000237d27000
[ 72.154893] [ffff0000c2bb708c] pgd=0000000000000000, p4d=180000023ffff403, pud=180000023f84b403, pmd=180000023f835403,
+pte=0068000102bb7707
[ 72.163021] Internal error: Oops: 0000000096000021 [#1] SMP
[...]
[ 72.170041] CPU: 7 UID: 0 PID: 54 Comm: kworker/7:0 Tainted: G E 6.13.0-rc3+ #2
[ 72.170509] Tainted: [E]=UNSIGNED_MODULE
[ 72.170720] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-stable202302-for-qemu 03/01/2023
[ 72.171192] Workqueue: events_power_efficient nft_rhash_gc [nf_tables]
[ 72.171552] pstate: 21400005 (nzCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
[ 72.171915] pc : nft_rhash_gc+0x200/0x2d8...

Classification

CVE ID: CVE-2024-54031

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 12.42% (scored less or equal to compared to others)

EPSS Date: 2025-02-13 (when was this score calculated)

References

https://git.kernel.org/stable/c/352f8eaaabd008f09d1e176194edc261a7304084
https://git.kernel.org/stable/c/6a14b46052eeb83175a95baf399283860b9d94c4
https://git.kernel.org/stable/c/277f00b0c2dca8794cf4837722960bdc4174911f
https://git.kernel.org/stable/c/607774a13764676d4b8be9c8b9c66b8cf3469043
https://git.kernel.org/stable/c/4f49349c1963e507aa37c1ec05178faeb0103959
https://git.kernel.org/stable/c/d24cbc43cc7b41a0824b0bc6ec4d8436d8d7a9c0
https://git.kernel.org/stable/c/542ed8145e6f9392e3d0a86a0e9027d2ffd183e4

Timeline