CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-57948: mac802154: check local interfaces before deleting sdata list

Description

In the Linux kernel, the following vulnerability has been resolved:

mac802154: check local interfaces before deleting sdata list

syzkaller reported a corrupted list in ieee802154_if_remove. [1]

Remove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4
hardware device from the system.

CPU0 CPU1
==== ====
genl_family_rcv_msg_doit ieee802154_unregister_hw
ieee802154_del_iface ieee802154_remove_interfaces
rdev_del_virtual_intf_deprecated list_del(&sdata->list)
ieee802154_if_remove
list_del_rcu

The net device has been unregistered, since the rcu grace period,
unregistration must be run before ieee802154_if_remove.

To avoid this issue, add a check for local->interfaces before deleting
sdata list.

[1]
kernel BUG at lib/list_debug.c:58!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
CPU: 0 UID: 0 PID: 6277 Comm: syz-executor157 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
RIP: 0010:__list_del_entry_valid_or_report+0xf4/0x140 lib/list_debug.c:56
Code: e8 a1 7e 00 07 90 0f 0b 48 c7 c7 e0 37 60 8c 4c 89 fe e8 8f 7e 00 07 90 0f 0b 48 c7 c7 40 38 60 8c 4c 89 fe e8 7d 7e 00 07 90 <0f> 0b 48 c7 c7 a0 38 60 8c 4c 89 fe e8 6b 7e 00 07 90 0f 0b 48 c7
RSP: 0018:ffffc9000490f3d0 EFLAGS: 00010246
RAX: 000000000000004e RBX: dead000000000122 RCX: d211eee56bb28d00
RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
RBP: ffff88805b278dd8 R08:...

Classification

CVE ID: CVE-2024-57948

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 12.71% (scored less or equal to compared to others)

EPSS Date: 2025-03-01 (when was this score calculated)

References

https://git.kernel.org/stable/c/80aee0bc0dbe253b6692d33e64455dc742fc52f1
https://git.kernel.org/stable/c/41e4ca8acba39f1cecff2dfdf14ace4ee52c4272
https://git.kernel.org/stable/c/2e41e98c4e79edae338f2662dbdf74ac2245d183
https://git.kernel.org/stable/c/b856d2c1384bc5a7456262afd21aa439ee5cdf6e
https://git.kernel.org/stable/c/eb09fbeb48709fe66c0d708aed81e910a577a30a

Timeline

2025-02-01 00:30:38 UTC
CVE

mac802154: check local interfaces before deleting sdata list
2025-03-06 09:45:34 UTC
Tenable Plugins

Linux Distros Unpatched Vulnerability : CVE-2024-57948