NVD

CVE-2024-36270 Detail

Modified

This CVE record has been updated after NVD enrichment efforts were completed. Enrichment data supplied by the NVD may require amendment due to these changes.

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: tproxy: bail out if IP has been disabled on the device syzbot reports: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f] [..] RIP: 0010:nf_tproxy_laddr4+0xb7/0x340 net/ipv4/netfilter/nf_tproxy_ipv4.c:62 Call Trace: nft_tproxy_eval_v4 net/netfilter/nft_tproxy.c:56 [inline] nft_tproxy_eval+0xa9a/0x1a00 net/netfilter/nft_tproxy.c:168 __in_dev_get_rcu() can return NULL, so check for this.

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

NIST: NVD

N/A

NVD assessment not yet provided.

CVSS 3.x Severity and Vector Strings:

NIST: NVD

Base Score: 5.5 MEDIUM

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS 2.0 Severity and Vector Strings:

National Institute of Standards and Technology

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL	Source(s)	Tag(s)
https://git.kernel.org/stable/c/07eeedafc59c45fe5de43958128542be3784764c	CVE, kernel.org	Patch
https://git.kernel.org/stable/c/10f0af5234dafd03d2b75233428ec3f11cf7e43d	CVE, kernel.org	Patch
https://git.kernel.org/stable/c/21a673bddc8fd4873c370caf9ae70ffc6d47e8d3	CVE, kernel.org	Patch
https://git.kernel.org/stable/c/570b4c52096e62fda562448f5760fd0ff06110f0	CVE, kernel.org	Patch
https://git.kernel.org/stable/c/6fe5af4ff06db3d4d80e07a19356640428159f03	CVE, kernel.org	Patch
https://git.kernel.org/stable/c/819bfeca16eb9ad647ddcae25e7e12c30612147c	CVE, kernel.org	Patch
https://git.kernel.org/stable/c/caf3a8afb5ea00db6d5398adf148d5534615fd80	CVE, kernel.org	Patch

Weakness Enumeration

CWE-ID	CWE Name	Source
CWE-476	NULL Pointer Dereference	NIST

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

3 change records found show changes

CVE Modified by CVE 11/21/2024 4:21:58 AM

Action	Type	New Value
Added	Reference	https://git.kernel.org/stable/c/07eeedafc59c45fe5de43958128542be3784764c
Added	Reference	https://git.kernel.org/stable/c/10f0af5234dafd03d2b75233428ec3f11cf7e43d
Added	Reference	https://git.kernel.org/stable/c/21a673bddc8fd4873c370caf9ae70ffc6d47e8d3
Added	Reference	https://git.kernel.org/stable/c/570b4c52096e62fda562448f5760fd0ff06110f0
Added	Reference	https://git.kernel.org/stable/c/6fe5af4ff06db3d4d80e07a19356640428159f03
Added	Reference	https://git.kernel.org/stable/c/819bfeca16eb9ad647ddcae25e7e12c30612147c
Added	Reference	https://git.kernel.org/stable/c/caf3a8afb5ea00db6d5398adf148d5534615fd80

Initial Analysis by NIST 9/09/2024 9:16:22 AM

Action	Type	Old Value	New Value
Added	CVSS V3.1		NIST AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Added	CWE		NIST CWE-476
Added	CPE Configuration		OR cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 2.6.37 up to (excluding) 5.4.278 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 5.5 up to (excluding) 5.10.219 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 5.11 up to (excluding) 5.15.161 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 5.16 up to (excluding) 6.1.93 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 6.2 up to (excluding) 6.6.33 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 6.7 up to (excluding) 6.9.4 cpe:2.3:o:linux:linux_kernel:6.10:rc1::::::*
Changed	Reference Type	https://git.kernel.org/stable/c/07eeedafc59c45fe5de43958128542be3784764c No Types Assigned	https://git.kernel.org/stable/c/07eeedafc59c45fe5de43958128542be3784764c Patch
Changed	Reference Type	https://git.kernel.org/stable/c/10f0af5234dafd03d2b75233428ec3f11cf7e43d No Types Assigned	https://git.kernel.org/stable/c/10f0af5234dafd03d2b75233428ec3f11cf7e43d Patch
Changed	Reference Type	https://git.kernel.org/stable/c/21a673bddc8fd4873c370caf9ae70ffc6d47e8d3 No Types Assigned	https://git.kernel.org/stable/c/21a673bddc8fd4873c370caf9ae70ffc6d47e8d3 Patch
Changed	Reference Type	https://git.kernel.org/stable/c/570b4c52096e62fda562448f5760fd0ff06110f0 No Types Assigned	https://git.kernel.org/stable/c/570b4c52096e62fda562448f5760fd0ff06110f0 Patch
Changed	Reference Type	https://git.kernel.org/stable/c/6fe5af4ff06db3d4d80e07a19356640428159f03 No Types Assigned	https://git.kernel.org/stable/c/6fe5af4ff06db3d4d80e07a19356640428159f03 Patch
Changed	Reference Type	https://git.kernel.org/stable/c/819bfeca16eb9ad647ddcae25e7e12c30612147c No Types Assigned	https://git.kernel.org/stable/c/819bfeca16eb9ad647ddcae25e7e12c30612147c Patch
Changed	Reference Type	https://git.kernel.org/stable/c/caf3a8afb5ea00db6d5398adf148d5534615fd80 No Types Assigned	https://git.kernel.org/stable/c/caf3a8afb5ea00db6d5398adf148d5534615fd80 Patch

New CVE Received from kernel.org 6/21/2024 7:15:10 AM

Action	Type	New Value
Added	Description	In the Linux kernel, the following vulnerability has been resolved: netfilter: tproxy: bail out if IP has been disabled on the device syzbot reports: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f] [..] RIP: 0010:nf_tproxy_laddr4+0xb7/0x340 net/ipv4/netfilter/nf_tproxy_ipv4.c:62 Call Trace: nft_tproxy_eval_v4 net/netfilter/nft_tproxy.c:56 [inline] nft_tproxy_eval+0xa9a/0x1a00 net/netfilter/nft_tproxy.c:168 __in_dev_get_rcu() can return NULL, so check for this.
Added	Reference	kernel.org https://git.kernel.org/stable/c/07eeedafc59c45fe5de43958128542be3784764c [No types assigned]
Added	Reference	kernel.org https://git.kernel.org/stable/c/10f0af5234dafd03d2b75233428ec3f11cf7e43d [No types assigned]
Added	Reference	kernel.org https://git.kernel.org/stable/c/21a673bddc8fd4873c370caf9ae70ffc6d47e8d3 [No types assigned]
Added	Reference	kernel.org https://git.kernel.org/stable/c/570b4c52096e62fda562448f5760fd0ff06110f0 [No types assigned]
Added	Reference	kernel.org https://git.kernel.org/stable/c/6fe5af4ff06db3d4d80e07a19356640428159f03 [No types assigned]
Added	Reference	kernel.org https://git.kernel.org/stable/c/819bfeca16eb9ad647ddcae25e7e12c30612147c [No types assigned]
Added	Reference	kernel.org https://git.kernel.org/stable/c/caf3a8afb5ea00db6d5398adf148d5534615fd80 [No types assigned]

Quick Info

CVE Dictionary Entry:
CVE-2024-36270
NVD Published Date:
06/21/2024
NVD Last Modified:
11/21/2024
Source:
kernel.org

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

CVE-2024-36270 Detail

Description

Metrics

References to Advisories, Solutions, and Tools

Weakness Enumeration

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Change History

CVE Modified by CVE 11/21/2024 4:21:58 AM

Initial Analysis by NIST 9/09/2024 9:16:22 AM

New CVE Received from kernel.org 6/21/2024 7:15:10 AM

Quick Info