U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2024-26718 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: dm-crypt, dm-verity: disable tasklets Tasklets have an inherent problem with memory corruption. The function tasklet_action_common calls tasklet_trylock, then it calls the tasklet callback and then it calls tasklet_unlock. If the tasklet callback frees the structure that contains the tasklet or if it calls some code that may free it, tasklet_unlock will write into free memory. The commits 8e14f610159d and d9a02e016aaf try to fix it for dm-crypt, but it is not a sufficient fix and the data corruption can still happen [1]. There is no fix for dm-verity and dm-verity will write into free memory with every tasklet-processed bio. There will be atomic workqueues implemented in the kernel 6.9 [2]. They will have better interface and they will not suffer from the memory corruption problem. But we need something that stops the memory corruption now and that can be backported to the stable kernels. So, I'm proposing this commit that disables tasklets in both dm-crypt and dm-verity. This commit doesn't remove the tasklet support, because the tasklet code will be reused when atomic workqueues will be implemented. [1] https://lore.kernel.org/all/d390d7ee-f142-44d3-822a-87949e14608b@suse.de/T/ [2] https://lore.kernel.org/lkml/20240130091300.2968534-1-tj@kernel.org/


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
https://git.kernel.org/stable/c/0a9bab391e336489169b95cb0d4553d921302189
https://git.kernel.org/stable/c/0a9bab391e336489169b95cb0d4553d921302189
https://git.kernel.org/stable/c/0c45a20cbe68bc4d681734f5c03891124a274257
https://git.kernel.org/stable/c/0c45a20cbe68bc4d681734f5c03891124a274257
https://git.kernel.org/stable/c/30884a44e0cedc3dfda8c22432f3ba4078ec2d94
https://git.kernel.org/stable/c/30884a44e0cedc3dfda8c22432f3ba4078ec2d94
https://git.kernel.org/stable/c/5735a2671ffb70ea29ca83969fe01316ee2ed6fc
https://git.kernel.org/stable/c/5735a2671ffb70ea29ca83969fe01316ee2ed6fc
https://git.kernel.org/stable/c/b825e0f9d68c178072bffd32dd34c39e3d2d597a

Weakness Enumeration

CWE-ID CWE Name Source

Change History

5 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2024-26718
NVD Published Date:
04/03/2024
NVD Last Modified:
11/21/2024
Source:
kernel.org