CVE-2024-50293

一、漏洞信息
 漏洞编号：[CVE-2024-50293](https://nvd.nist.gov/vuln/detail/CVE-2024-50293)
 漏洞归属组件：[kernel](https://gitee.com/src-openeuler/kernel)
 漏洞归属的版本：4.19.140,4.19.194,4.19.90,5.10.0,6.1.19,6.4.0,6.6.0
 CVSS V3.0分值：
  BaseScore：5.5 Medium
  Vector：CVSS：3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
 漏洞简述：
  In the Linux kernel, the following vulnerability has been resolved:net/smc: do not leave a dangling sk pointer in __smc_create()Thanks to commit 4bbd360a5084 ( socket: Print pf->create() whenit does not clear sock->sk on failure. ), syzbot found an issue with AF_SMC:smc_create must clear sock->sk on failure, family: 43, type: 1, protocol: 0 WARNING: CPU: 0 PID: 5827 at net/socket.c:1565 __sock_create+0x96f/0xa30 net/socket.c:1563Modules linked in:CPU: 0 UID: 0 PID: 5827 Comm: syz-executor259 Not tainted 6.12.0-rc6-next-20241106-syzkaller #0Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 RIP: 0010:__sock_create+0x96f/0xa30 net/socket.c:1563Code: 03 00 74 08 4c 89 e7 e8 4f 3b 85 f8 49 8b 34 24 48 c7 c7 40 89 0c 8d 8b 54 24 04 8b 4c 24 0c 44 8b 44 24 08 e8 32 78 db f7 90 <0f> 0b 90 90 e9 d3 fd ff ff 89 e9 80 e1 07 fe c1 38 c1 0f 8c ee f7RSP: 0018:ffffc90003e4fda0 EFLAGS: 00010246RAX: 099c6f938c7f4700 RBX: 1ffffffff1a595fd RCX: ffff888034823c00RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000RBP: 00000000ffffffe9 R08: ffffffff81567052 R09: 1ffff920007c9f50R10: dffffc0000000000 R11: fffff520007c9f51 R12: ffffffff8d2cafe8R13: 1ffffffff1a595fe R14: ffffffff9a789c40 R15: ffff8880764298c0FS:  000055557b518380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033CR2: 00007fa62ff43225 CR3: 0000000031628000 CR4: 00000000003526f0DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400Call Trace: <TASK>  sock_create net/socket.c:1616 [inline]  __sys_socket_create net/socket.c:1653 [inline]  __sys_socket+0x150/0x3c0 net/socket.c:1700  __do_sys_socket net/socket.c:1714 [inline]  __se_sys_socket net/socket.c:1712 [inline]For reference, see commit 2d859aff775d ( Merge branch do-not-leave-dangling-sk-pointers-in-pf-create-functions  ).
 漏洞公开时间：2024-11-19 10:16:31
 漏洞创建时间：2024-11-19 10:34:28
 漏洞详情参考链接：
  https://nvd.nist.gov/vuln/detail/CVE-2024-50293
<details>
<summary>更多参考(点击展开)</summary>

| 参考来源 | 参考链接 | 来源链接 |
| ------- | -------- | -------- |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/d293958a8595ba566fb90b99da4d6263e14fee15 |  |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/d2cc492124e1f22daa1700f069bcc58788043381 |  |
| suse_bugzilla | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-50293 | https://bugzilla.suse.com/show_bug.cgi?id=1233482 |
| suse_bugzilla | https://www.cve.org/CVERecord?id=CVE-2024-50293 | https://bugzilla.suse.com/show_bug.cgi?id=1233482 |
| suse_bugzilla | https://git.kernel.org/stable/c/d293958a8595ba566fb90b99da4d6263e14fee15 | https://bugzilla.suse.com/show_bug.cgi?id=1233482 |
| suse_bugzilla | https://git.kernel.org/stable/c/d2cc492124e1f22daa1700f069bcc58788043381 | https://bugzilla.suse.com/show_bug.cgi?id=1233482 |
| suse_bugzilla | https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-50293.mbox | https://bugzilla.suse.com/show_bug.cgi?id=1233482 |
| redhat_bugzilla | https://lore.kernel.org/linux-cve-announce/2024111957-CVE-2024-50293-1bf1@gregkh/T | https://bugzilla.redhat.com/show_bug.cgi?id=2327192 |
| debian |  | https://security-tracker.debian.org/tracker/CVE-2024-50293 |

</details>

漏洞分析指导链接：
  https://gitee.com/openeuler/cve-manager/blob/master/cve-vulner-manager/doc/md/manual.md
 漏洞数据来源:
  openBrain开源漏洞感知系统
 漏洞补丁信息：
  <details>
<summary>详情(点击展开)</summary>

无
</details>

二、漏洞分析结构反馈
 影响性分析说明：
  Reserved.
 openEuler评分：
  3.9
 Vector：CVSS：3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
 受影响版本排查(受影响/不受影响)：
  1.openEuler-20.03-LTS-SP4(4.19.90):不受影响
2.openEuler-22.03-LTS-SP1(5.10.0):不受影响
3.openEuler-22.03-LTS-SP3(5.10.0):不受影响
4.openEuler-22.03-LTS-SP4(5.10.0):不受影响
5.master(6.6.0):不受影响
6.openEuler-24.03-LTS(6.6.0):不受影响
7.openEuler-24.03-LTS-Next(6.6.0):不受影响
8.openEuler-24.03-LTS-SP1(6.6.0):不受影响

修复是否涉及abi变化(是/否)：
  1.openEuler-20.03-LTS-SP4(4.19.90):否
2.openEuler-22.03-LTS-SP1(5.10.0):否
3.openEuler-22.03-LTS-SP3(5.10.0):否
4.master(6.6.0):否
5.openEuler-24.03-LTS(6.6.0):否
6.openEuler-24.03-LTS-Next(6.6.0):否
7.openEuler-22.03-LTS-SP4(5.10.0):否
8.openEuler-24.03-LTS-SP1(6.6.0):否

原因说明：
  1.openEuler-20.03-LTS-SP4(4.19.90):不受影响-漏洞代码不存在
2.openEuler-22.03-LTS-SP1(5.10.0):不受影响-漏洞代码不存在
3.openEuler-22.03-LTS-SP3(5.10.0):不受影响-漏洞代码不存在
4.openEuler-22.03-LTS-SP4(5.10.0):不受影响-漏洞代码不存在
5.master(6.6.0):不受影响-漏洞代码不存在
6.openEuler-24.03-LTS(6.6.0):不受影响-漏洞代码不存在
7.openEuler-24.03-LTS-Next(6.6.0):不受影响-漏洞代码不存在
8.openEuler-24.03-LTS-SP1(6.6.0):不受影响-漏洞代码不存在

src-openEuler/kernel

Content Risk Flag

Comments (7)

src-openEuler/kernel .gitee-modal { width: 500px !important; }

Content Risk Flag

CVE-2024-50293

Comments (7)

Search

src-openEuler/kernel