#VU104985 Out-of-bounds read in Linux kernel - CVE-2024-57982
Vulnerability identifier: #VU104985
Vulnerability risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-57982
CWE-ID:
CWE-125
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the xfrm_state_deref_prot(), xfrm_dst_hash(), xfrm_src_hash(), xfrm_spi_hash(), xfrm_init_tempstate(), __xfrm_state_lookup_all(), xfrm_input_state_lookup(), EXPORT_SYMBOL(), __xfrm_state_lookup_byaddr(), xfrm_state_find(), xfrm_state_lookup() and xfrm_state_lookup_byaddr() functions in net/xfrm/xfrm_state.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel: 6.12, 6.12.1, 6.12.2, 6.12.3, 6.12.4, 6.12.5, 6.12.6, 6.12.7, 6.12.8, 6.12.9, 6.12.10, 6.12.11, 6.12.12, 6.13, 6.13.1
External links
https://git.kernel.org/stable/c/a16871c7832ea6435abb6e0b58289ae7dcb7e4fc
https://git.kernel.org/stable/c/dd4c2a174994238d55ab54da2545543d36f4e0d0
https://git.kernel.org/stable/c/e952837f3ddb0ff726d5b582aa1aad9aa38d024d
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12.13
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.13.2
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.14
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
