Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

CVE-2024-56717— net: mscc: ocelot: fix incorrect IFH SRC_PORT field in ocelot_ifh_set_basic()

AI Predicted 5.5 Difficulty: Moderate EPSS 0.02% · P7

Affected Version Matrix 14

VendorProductVersion RangeStatus
LinuxLinux06bcb9032e05ad717f9fd0a6e2fd3ae7f430fa31< 59c4ca8d8d7918eb6e2df91d2c254827264be309affected
ff7f554bbd75d5cbf00cded81d05147c6617e876< 2f3c62ffe88116cd2a39cd73e01103535599970faffected
e1b9e80236c540fa85d76e2d510d1b38e1968c5d< a8836eae3288c351acd3b2743d2fad2a4ee2bd56affected
e1b9e80236c540fa85d76e2d510d1b38e1968c5d< 2d5df3a680ffdaf606baa10636bdb1daf757832eaffected
be3a532167dd562ec38900c846e7ae6cc39aa2f1affected
6.1.107< 6.1.122affected
6.6.48< 6.6.68affected
6.10.7< 6.11affected
… +6 more rows
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-56717

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
net: mscc: ocelot: fix incorrect IFH SRC_PORT field in ocelot_ifh_set_basic()
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: fix incorrect IFH SRC_PORT field in ocelot_ifh_set_basic() Packets injected by the CPU should have a SRC_PORT field equal to the CPU port module index in the Analyzer block (ocelot->num_phys_ports). The blamed commit copied the ocelot_ifh_set_basic() call incorrectly from ocelot_xmit_common() in net/dsa/tag_ocelot.c. Instead of calling with "x", it calls with BIT_ULL(x), but the field is not a port mask, but rather a single port index. [ side note: this is the technical debt of code duplication :( ] The error used to be silent and doesn't appear to have other user-visible manifestations, but with new changes in the packing library, it now fails loudly as follows: ------------[ cut here ]------------ Cannot store 0x40 inside bits 46-43 - will truncate sja1105 spi2.0: xmit timed out WARNING: CPU: 1 PID: 102 at lib/packing.c:98 __pack+0x90/0x198 sja1105 spi2.0: timed out polling for tstamp CPU: 1 UID: 0 PID: 102 Comm: felix_xmit Tainted: G W N 6.13.0-rc1-00372-gf706b85d972d-dirty #2605 Call trace: __pack+0x90/0x198 (P) __pack+0x90/0x198 (L) packing+0x78/0x98 ocelot_ifh_set_basic+0x260/0x368 ocelot_port_inject_frame+0xa8/0x250 felix_port_deferred_xmit+0x14c/0x258 kthread_worker_fn+0x134/0x350 kthread+0x114/0x138 The code path pertains to the ocelot switchdev driver and to the felix secondary DSA tag protocol, ocelot-8021q. Here seen with ocelot-8021q. The messenger (packing) is not really to blame, so fix the original commit instead.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于scsi:hisi_sas模块中未正确处理聚合ID,可能导致内核崩溃。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 06bcb9032e05ad717f9fd0a6e2fd3ae7f430fa31 ~ 59c4ca8d8d7918eb6e2df91d2c254827264be309 -
LinuxLinux 6.11 -

II. Public POCs for CVE-2024-56717

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-56717

登录查看更多情报信息。

Patches & Fixes for CVE-2024-56717 (4)

Same Patch Batch · Linux · 2024-12-29 · 39 CVEs total

CVE-2024-56747scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb()
CVE-2024-56730net/9p/usbg: fix handling of the failed kzalloc() memory allocation
CVE-2024-56740nfs/localio: must clear res.replen in nfs_local_read_done
CVE-2024-56739rtc: check if __rtc_read_time was successful in rtc_timer_do_work()
CVE-2024-56742vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages()
CVE-2024-56743nfs_common: must not hold RCU while calling nfsd_file_put_local
CVE-2024-56745PCI: Fix reset_method_store() memory leak
CVE-2024-56744f2fs: fix to avoid potential deadlock in f2fs_record_stop_reason()
CVE-2024-56746fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem()
CVE-2024-56748scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb()
CVE-2024-56729smb: Initialize cfid->tcon before performing network ops
CVE-2024-56749dlm: fix dlm_recover_members refcount on error
CVE-2024-56750erofs: fix blksize < PAGE_SIZE for file-backed mounts
CVE-2024-56751ipv6: release nexthop on device removal
CVE-2024-56752drm/nouveau/gr/gf100: Fix missing unlock in gf100_gr_chan_new()
CVE-2024-56753drm/amdgpu/gfx9: Add Cleaner Shader Deinitialization in gfx_v9_0 Module
CVE-2024-56754crypto: caam - Fix the pointer passed to caam_qi_shutdown()
CVE-2024-56755netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING
CVE-2024-56756nvme-pci: fix freeing of the HMB descriptor table
CVE-2024-56720bpf, sockmap: Several fixes to bpf_msg_pop_data

Showing top 20 of 39 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2024-56717

No comments yet

Leave a comment