跳转到帖子

Amazon Linux 2023: CVE-2024-26972: Important priority package update for kernel

recommended_posts

发布于
  • Members

Amazon Linux 2023: CVE-2024-26972: Important priority package update for kernel

Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
05/01/2024
Created
02/14/2025
Added
02/14/2025
Modified
02/14/2025

Description

In the Linux kernel, the following vulnerability has been resolved: ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path For error handling path in ubifs_symlink(), inode will be marked as bad first, then iput() is invoked. If inode->i_link is initialized by fscrypt_encrypt_symlink() in encryption scenario, inode->i_link won't be freed by callchain ubifs_free_inode -> fscrypt_free_inode in error handling path, because make_bad_inode() has changed 'inode->i_mode' as 'S_IFREG'. Following kmemleak is easy to be reproduced by injecting error in ubifs_jnl_update() when doing symlink in encryption scenario: unreferenced object 0xffff888103da3d98 (size 8): comm "ln", pid 1692, jiffies 4294914701 (age 12.045s) backtrace: kmemdup+0x32/0x70 __fscrypt_encrypt_symlink+0xed/0x1c0 ubifs_symlink+0x210/0x300 [ubifs] vfs_symlink+0x216/0x360 do_symlinkat+0x11a/0x190 do_syscall_64+0x3b/0xe0 There are two ways fixing it: 1. Remove make_bad_inode() in error handling path. We can do that because ubifs_evict_inode() will do same processes for good symlink inode and bad symlink inode, for inode->i_nlink checking is before is_bad_inode(). 2. Free inode->i_link before marking inode bad. Method 2 is picked, it has less influence, personally, I think.

Solution(s)

  • amazon-linux-2023-upgrade-bpftool
  • amazon-linux-2023-upgrade-bpftool-debuginfo
  • amazon-linux-2023-upgrade-kernel
  • amazon-linux-2023-upgrade-kernel-debuginfo
  • amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64
  • amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64
  • amazon-linux-2023-upgrade-kernel-devel
  • amazon-linux-2023-upgrade-kernel-headers
  • amazon-linux-2023-upgrade-kernel-libbpf
  • amazon-linux-2023-upgrade-kernel-libbpf-devel
  • amazon-linux-2023-upgrade-kernel-libbpf-static
  • amazon-linux-2023-upgrade-kernel-livepatch-6-1-77-99-164
  • amazon-linux-2023-upgrade-kernel-modules-extra
  • amazon-linux-2023-upgrade-kernel-modules-extra-common
  • amazon-linux-2023-upgrade-kernel-tools
  • amazon-linux-2023-upgrade-kernel-tools-debuginfo
  • amazon-linux-2023-upgrade-kernel-tools-devel
  • amazon-linux-2023-upgrade-perf
  • amazon-linux-2023-upgrade-perf-debuginfo
  • amazon-linux-2023-upgrade-python3-perf
  • amazon-linux-2023-upgrade-python3-perf-debuginfo

References

  • https://attackerkb.com/topics/cve-2024-26972
  • CVE - 2024-26972
  • https://alas.aws.amazon.com/AL2023/ALAS-2024-517.html
  • 查看数 702
  • 已创建
  • 最后回复

参与讨论

你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。
注意:你的帖子需要版主批准后才能看到。

游客
回帖…