
CVE-2024-53088

Disclosure Date: November 19, 2024

Description

In the Linux kernel, the following vulnerability has been resolved:

i40e: fix race condition by adding filter’s intermediate sync state

Fix a race condition in the i40e driver that leads to MAC/VLAN filters
becoming corrupted and leaking. Address the issue that occurs under
heavy load when multiple threads are concurrently modifying MAC/VLAN
filters by setting mac and port VLAN.

  1. Thread T0 allocates a filter in i40e_add_filter() within
    i40e_ndo_set_vf_port_vlan().
  2. Thread T1 concurrently frees the filter in __i40e_del_filter() within
    i40e_ndo_set_vf_mac().
  3. Subsequently, i40e_service_task() calls i40e_sync_vsi_filters(), which
    refers to the already freed filter memory, causing corruption.

Reproduction steps:

  1. Spawn multiple VFs.
  2. Apply a concurrent heavy load by running parallel operations to change
    MAC addresses on the VFs and change port VLANs on the host.
  3. Observe errors in dmesg:
    “Error I40E_AQ_RC_ENOSPC adding RX filters on VF XX,
    please set promiscuous on manually for VF XX”.

Exact code for stable reproduction Intel can’t open-source now.

The fix involves implementing a new intermediate filter state,
I40E_FILTER_NEW_SYNC, for the time when a filter is on a tmp_add_list.
These filters cannot be deleted from the hash list directly but
must be removed using the full process.
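The interleaving and the fix described above can be replayed in a small single-threaded user-space model. This is an added example, not the i40e driver's code: the state names other than the NEW_SYNC idea, the `freed` flag standing in for a real free, and all function names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* Model states (assumed names); only the NEW_SYNC idea comes from the page. */
enum fstate { F_NEW, F_NEW_SYNC, F_ACTIVE, F_REMOVE };

/* 'freed' stands in for kfree(); nothing is really freed in this model. */
struct filter { enum fstate state; bool freed; };

/* Sync, part 1: queue a NEW filter on the temporary add list. */
static struct filter *sync_collect(struct filter *f, bool fixed)
{
    if (f->state != F_NEW)
        return NULL;
    if (fixed)
        f->state = F_NEW_SYNC;   /* the fix: mark the filter as in flight */
    return f;                    /* pointer now held by the add list */
}

/* Delete path: only a filter still in NEW is dropped directly. */
static void del_filter(struct filter *f)
{
    if (f->state == F_NEW)
        f->freed = true;         /* direct removal from the hash list */
    else
        f->state = F_REMOVE;     /* full process: a later sync removes it */
}

/* Sync, part 2: returns false if the queued entry was freed meanwhile. */
static bool sync_commit(struct filter *q)
{
    if (q == NULL)
        return true;
    if (q->freed)
        return false;            /* the driver would touch freed memory here */
    if (q->state != F_REMOVE)
        q->state = F_ACTIVE;
    return true;
}

/* Replay the interleaving: collect, concurrent delete, then commit. */
static bool replay(bool fixed, enum fstate *final)
{
    struct filter f = { F_NEW, false };
    struct filter *q = sync_collect(&f, fixed);
    del_filter(&f);
    *final = f.state;
    return sync_commit(q) && (*final = f.state, true);
}

int main(void)
{
    enum fstate s;
    printf("without intermediate state: safe=%d\n", replay(false, &s));
    printf("with intermediate state:    safe=%d\n", replay(true, &s));
    return 0;
}
```

With the intermediate state, the concurrent delete only marks the filter for removal, so the sync pass never sees a stale pointer.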


CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Vendors

  • Linux

Products

  • Linux