U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2024-36489 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: tls: fix missing memory barrier in tls_init In tls_init(), a write memory barrier is missing, and store-store reordering may cause NULL dereference in tls_{setsockopt,getsockopt}. CPU0 CPU1 ----- ----- // In tls_init() // In tls_ctx_create() ctx = kzalloc() ctx->sk_proto = READ_ONCE(sk->sk_prot) -(1) // In update_sk_prot() WRITE_ONCE(sk->sk_prot, tls_prots) -(2) // In sock_common_setsockopt() READ_ONCE(sk->sk_prot)->setsockopt() // In tls_{setsockopt,getsockopt}() ctx->sk_proto->setsockopt() -(3) In the above scenario, when (1) and (2) are reordered, (3) can observe the NULL value of ctx->sk_proto, causing NULL dereference. To fix it, we rely on rcu_assign_pointer() which implies the release barrier semantic. By moving rcu_assign_pointer() after ctx->sk_proto is initialized, we can ensure that ctx->sk_proto are visible when changing sk->sk_prot.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
https://git.kernel.org/stable/c/2c260a24cf1c4d30ea3646124f766ee46169280b Patch 
https://git.kernel.org/stable/c/2c260a24cf1c4d30ea3646124f766ee46169280b Patch 
https://git.kernel.org/stable/c/335c8f1566d8e44c384d16b450a18554896d4e8b Patch 
https://git.kernel.org/stable/c/335c8f1566d8e44c384d16b450a18554896d4e8b Patch 
https://git.kernel.org/stable/c/91e61dd7a0af660408e87372d8330ceb218be302 Patch 
https://git.kernel.org/stable/c/91e61dd7a0af660408e87372d8330ceb218be302 Patch 
https://git.kernel.org/stable/c/ab67c2fd3d070a21914d0c31319d3858ab4e199c Patch 
https://git.kernel.org/stable/c/ab67c2fd3d070a21914d0c31319d3858ab4e199c Patch 
https://git.kernel.org/stable/c/d72e126e9a36d3d33889829df8fc90100bb0e071 Patch 
https://git.kernel.org/stable/c/d72e126e9a36d3d33889829df8fc90100bb0e071 Patch 
https://git.kernel.org/stable/c/ef21007a7b581c7fe64d5a10c320880a033c837b Patch 
https://git.kernel.org/stable/c/ef21007a7b581c7fe64d5a10c320880a033c837b Patch 

Weakness Enumeration

CWE-ID CWE Name Source
CWE-476 NULL Pointer Dereference cwe source acceptance level NIST  

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

3 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2024-36489
NVD Published Date:
06/21/2024
NVD Last Modified:
11/21/2024
Source:
kernel.org