2339120 – (CVE-2024-57933) CVE-2024-57933 kernel: gve: guard XSK operations on the existence of queues

Bug 2339120 (CVE-2024-57933) - CVE-2024-57933 kernel: gve: guard XSK operations on the existence of queues

Summary: CVE-2024-57933 kernel: gve: guard XSK operations on the existence of queues

Keywords:
Status:	NEW
Alias:	CVE-2024-57933
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2025-01-21 13:01 UTC by OSIDB Bzimport
Modified:	2025-01-21 15:55 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-01-21 13:01:18 UTC

In the Linux kernel, the following vulnerability has been resolved:

gve: guard XSK operations on the existence of queues

This patch predicates the enabling and disabling of XSK pools on the
existence of queues. As it stands, if the interface is down, disabling
or enabling XSK pools would result in a crash, as the RX queue pointer
would be NULL. XSK pool registration will occur as part of the next
interface up.

Similarly, xsk_wakeup needs be guarded against queues disappearing
while the function is executing, so a check against the
GVE_PRIV_FLAGS_NAPI_ENABLED flag is added to synchronize with the
disabling of the bit and the synchronize_net() in gve_turndown.

Comment 1 Michal Findra 2025-01-21 13:55:00 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025012148-CVE-2024-57933-aa3e@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.