CVE-2024-36286 Information
Description
In the Linux kernel the following vulnerability has been resolved:
netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()
syzbot reported that nf_reinject() could be called without rcu_read_lock() :
WARNING: suspicious RCU usage 6.9.0-rc7-syzkaller-02060-g5c1672705a1a 0 Not tainted
net/netfilter/nfnetlink_queue.c:263 suspicious rcu_dereference_check() usage!
other info that might help us debug this:
rcu_scheduler_active = 2 debug_locks = 1 2 locks held by syz-executor.4/13427: 0: ffffffff8e334f60 (rcu_callback)….-0:0 at: rcu_lock_acquire include/linux/rcupdate.h:329 [inline] 0: ffffffff8e334f60 (rcu_callback)….-0:0 at: rcu_do_batch kernel/rcu/tree.c:2190 [inline] 0: ffffffff8e334f60 (rcu_callback)….-0:0 at: rcu_core+0xa86/0x1830 kernel/rcu/tree.c:2471 1: ffff88801ca92958 (&inst->lock)+.-.-2:2 at: spin_lock_bh include/linux/spinlock.h:356 [inline] 1: ffff88801ca92958 (&inst->lock)+.-.-2:2 at: nfqnl_flush net/netfilter/nfnetlink_queue.c:405 [inline] 1: ffff88801ca92958 (&inst->lock)+.-.-2:2 at: instance_destroy_rcu+0x30/0x220 net/netfilter/nfnetlink_queue.c:172
stack backtrace:
CPU: 0 PID: 13427 Comm: syz-executor.4 Not tainted 6.9.0-rc7-syzkaller-02060-g5c1672705a1a 0
Hardware name: Google Google Compute Engine/Google Compute Engine BIOS Google 04/02/2024
Call Trace:
Reference
https://git.kernel.org/stable/c/8658bd777cbfcb0c13df23d0ea120e70517761b9 https://git.kernel.org/stable/c/3989b817857f4890fab9379221a9d3f52bf5c256 https://git.kernel.org/stable/c/e01065b339e323b3dfa1be217fd89e9b3208b0ab https://git.kernel.org/stable/c/25ea5377e3d2921a0f96ae2551f5ab1b36825dd4 https://git.kernel.org/stable/c/68f40354a3851df46c27be96b84f11ae193e36c5 https://git.kernel.org/stable/c/8f365564af898819a523f1a8cf5c6ce053e9f718 https://git.kernel.org/stable/c/215df6490e208bfdd5b3012f5075e7f8736f3e7a https://git.kernel.org/stable/c/dc21c6cc3d6986d938efbf95de62473982c98dec
Share on: