Bug 2324329 (CVE-2024-50145) - CVE-2024-50145 kernel: octeon_ep: Add SKB allocation failures handling in __octep_oq_process_rx()
Summary: CVE-2024-50145 kernel: octeon_ep: Add SKB allocation failures handling in __o...
Keywords:
Status: NEW
Alias: CVE-2024-50145
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2324389
Blocks:
TreeView+ depends on / blocked
 
Reported: 2024-11-07 10:02 UTC by OSIDB Bzimport
Modified: 2024-11-07 16:39 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description OSIDB Bzimport 2024-11-07 10:02:14 UTC 
In the Linux kernel, the following vulnerability has been resolved:

octeon_ep: Add SKB allocation failures handling in __octep_oq_process_rx()

build_skb() returns NULL in case of a memory allocation failure so handle
it inside __octep_oq_process_rx() to avoid NULL pointer dereference.

__octep_oq_process_rx() is called during NAPI polling by the driver. If
skb allocation fails, keep on pulling packets out of the Rx DMA queue: we
shouldn't break the polling immediately and thus falsely indicate to the
octep_napi_poll() that the Rx pressure is going down. As there is no
associated skb in this case, don't process the packets and don't push them
up the network stack - they are skipped.

Helper function is implemented to unmmap/flush all the fragment buffers
used by the dropped packet. 'alloc_failures' counter is incremented to
mark the skb allocation error in driver statistics.

Found by Linux Verification Center (linuxtesting.org) with SVACE.
Comment 1 Robb Gatica 2024-11-07 15:58:52 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024110744-CVE-2024-50145-10b6@gregkh/T
Note You need to log in before you can comment on or make changes to this bug.