发布于3月6日3月6日 Members Ubuntu: (Multiple Advisories) (CVE-2024-35901): Linux kernel (Azure) vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/19/2024 Created 07/09/2024 Added 07/09/2024 Modified 11/15/2024 Description In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix Rx DMA datasize and skb_over_panic mana_get_rxbuf_cfg() aligns the RX buffer's DMA datasize to be multiple of 64. So a packet slightly bigger than mtu+14, say 1536, can be received and cause skb_over_panic. Sample dmesg: [ 5325.237162] skbuff: skb_over_panic: text:ffffffffc043277a len:1536 put:1536 head:ff1100018b517000 data:ff1100018b517100 tail:0x700 end:0x6ea dev:<NULL> [ 5325.243689] ------------[ cut here ]------------ [ 5325.245748] kernel BUG at net/core/skbuff.c:192! [ 5325.247838] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [ 5325.258374] RIP: 0010:skb_panic+0x4f/0x60 [ 5325.302941] Call Trace: [ 5325.304389]<IRQ> [ 5325.315794]? skb_panic+0x4f/0x60 [ 5325.317457]? asm_exc_invalid_op+0x1f/0x30 [ 5325.319490]? skb_panic+0x4f/0x60 [ 5325.321161]skb_put+0x4e/0x50 [ 5325.322670]mana_poll+0x6fa/0xb50 [mana] [ 5325.324578]__napi_poll+0x33/0x1e0 [ 5325.326328]net_rx_action+0x12e/0x280 As discussed internally, this alignment is not necessary. To fix this bug, remove it from the code. So oversized packets will be marked as CQE_RX_TRUNCATED by NIC, and dropped. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1068-azure ubuntu-upgrade-linux-image-5-15-0-1068-azure-fde ubuntu-upgrade-linux-image-6-5-0-1023-azure ubuntu-upgrade-linux-image-6-5-0-1023-azure-fde ubuntu-upgrade-linux-image-6-8-0-1006-gke ubuntu-upgrade-linux-image-6-8-0-1007-intel ubuntu-upgrade-linux-image-6-8-0-1007-raspi ubuntu-upgrade-linux-image-6-8-0-1008-ibm ubuntu-upgrade-linux-image-6-8-0-1008-oem ubuntu-upgrade-linux-image-6-8-0-1008-oracle ubuntu-upgrade-linux-image-6-8-0-1008-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1009-azure ubuntu-upgrade-linux-image-6-8-0-1009-azure-fde ubuntu-upgrade-linux-image-6-8-0-1009-nvidia ubuntu-upgrade-linux-image-6-8-0-1009-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1010-azure ubuntu-upgrade-linux-image-6-8-0-1010-azure-fde ubuntu-upgrade-linux-image-6-8-0-1010-gcp ubuntu-upgrade-linux-image-6-8-0-1011-aws ubuntu-upgrade-linux-image-6-8-0-38-generic ubuntu-upgrade-linux-image-6-8-0-38-generic-64k ubuntu-upgrade-linux-image-6-8-0-38-lowlatency ubuntu-upgrade-linux-image-6-8-0-38-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-24-04 References https://attackerkb.com/topics/cve-2024-35901 CVE - 2024-35901 USN-6874-1 USN-6875-1 USN-6893-1 USN-6893-2 USN-6893-3 USN-6898-1 USN-6898-3 USN-6917-1 USN-6918-1 View more
