From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B8E1F14D43E for ; Thu, 29 Feb 2024 15:53:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709222013; cv=none; b=DMvNQXT2i3521v5uoIciqTYLBgpws3zy1lDCJuZ9LdxD9YHSgTypnW7+gErONpUGJIRh+3EVX0/X7kuyiB695pLpR61csFoCId7yY6ql5IEDBH6KOpj0NYYelwJxJtO8CNOzCRFjRg6GjwFkHdWdJsLJg4m3CUIWSuhyE4Xf5d0= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709222013; c=relaxed/simple; bh=j2Ch2ySOtX54VOWCgFOFWLpciFsR7M/fhfTa7AjByag=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=rQK4ECNXKEVRrnTNG+daW2jBn62n2SoU+iQMy+tvxA0by1dlIp54pjMOp/EaMl7Q2tReRQbmD9uufEBLYqQHTE8XjE23QMAd10tcImWD1vv2ia8LVtCJIhyq3FAgwGIS6TI14oycE3HgoJdNfvlrV6CzSwzcboRsAisiYRKsZ/s= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=WqY5jBGH; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="WqY5jBGH" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8CC38C433C7; Thu, 29 Feb 2024 15:53:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1709222013; bh=j2Ch2ySOtX54VOWCgFOFWLpciFsR7M/fhfTa7AjByag=; h=From:To:Cc:Subject:Date:Reply-to:From; b=WqY5jBGH5khfEjlw1kKAFq+bmMHV+ilk042/IFwIJFF8ld+U1P3nwM/HSLCfz+ud1 Uuj8a8cWv9HeANCr6Kn9ZP4qxHNDA3k5yd/wniPb/z1gNuUQYs4N2xtv5uvjEw3NEy Z4NmndujAzbA4eEvVbmwGNFSuhRBe9SUO8cIF8qU7gHcE49KO62C24mwbT2xEqypoY sTOLkLbw1zzygSf8JC4oYWOVixFEdpZapjnpZqLoro51gaJNnEXynKwKw/XAHEwQl7 QMJW87KYZmJIvf8bbui1gPDFk8cjd8pLwqQ013hn73R06e/EukxYhVbxx3HXF4PQFA K+U7DmKLrFdMA== From: Lee Jones To: linux-cve-announce@vger.kernel.org Cc: Lee Jones Subject: CVE-2024-26612: netfs, fscache: Prevent Oops in fscache_put_cache() Date: Thu, 29 Feb 2024 15:53:03 +0000 Message-ID: <20240229155245.1571576-44-lee@kernel.org> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Precedence: bulk X-Mailing-List: linux-cve-announce@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Reply-to: , X-Developer-Signature: v=1; a=openpgp-sha256; l=2101; i=lee@kernel.org; h=from:subject; bh=j2Ch2ySOtX54VOWCgFOFWLpciFsR7M/fhfTa7AjByag=; b=owEBbQKS/ZANAwAKAVGvii+H/HdhAcsmYgBl4KhPL6KrL/HTikOO0Re0bz9Xl6c6zC1kFUSLA y8UpRlC5aGJAjMEAAEKAB0WIQR2tsk1o74gmpTwh0hRr4ovh/x3YQUCZeCoTwAKCRBRr4ovh/x3 YV8MD/9A05xHIs6YRPANSjcHP65lnktqp5a4DdRjMO+Km3HCPHEimwPZJxJM1N+pCyB6pf2GfOh /OsWzxHMZUABNrbdy7r7p1RrX3ZA82yZ/IWboQ10QUj2C6opQbuSPrujsdXf33Mxmc6dHDBdKek tMEFidnYmQqfZSzRmE6M3WpI1VxvpE3+e+ZxxRS54bU8EvZmAI1xo+0WWLwUELHHHlFsSCJERgP ws9RBX2rli+wgzS2UMZbJtN4/I8OsJWCxRigWnf+16VnEsxAb0EbjxUPaK1sNVhLqGh3AWq4rR5 8Namo1tpC4vJoQ98RvgxEUqviBjAPik4StjcadOJRP8C4TPkzYsDNFl2rJs5BzhjG7LHwF8vYjq R959laRjYEHLh2eclikptuonAqAsoo88yupgJ26Zqd1BL+rByO86i2M/q+BpGZnW9Dh3hCc2gK0 DLsake2Xed6jOf53rlu3KsXz2++fhvgZ6LTQBNiS0/ply8GYFblZMJzSMc2xWn4yvFQzwqAmrEU WYQ40VL6NjX15tmCCSlPmKh4K1G85t6grKlDOcJIfvDUgfilj4ezBQeFPxwv0Bxw/IEagKEXRVd 0yuL4UUVTuH80JR1NiJszRFyDpfrbtFCEmLEpeGcYGL6KIpKoCgd/WvyEHLyNcXyc6rKB82hLf/ 5PoNabSHFFfy58g== X-Developer-Key: i=lee@kernel.org; a=openpgp; fpr=76B6C935A3BE209A94F0874851AF8A2F87FC7761 Content-Transfer-Encoding: 8bit Description =========== In the Linux kernel, the following vulnerability has been resolved: netfs, fscache: Prevent Oops in fscache_put_cache() This function dereferences "cache" and then checks if it's IS_ERR_OR_NULL(). Check first, then dereference. The Linux kernel CVE team has assigned CVE-2024-26612 to this issue. Affected and fixed versions =========================== Issue introduced in 5.17 with commit 9549332df4ed and fixed in 6.1.76 with commit 82a9bc343ba0 Issue introduced in 5.17 with commit 9549332df4ed and fixed in 6.6.15 with commit 1c45256e5990 Issue introduced in 5.17 with commit 9549332df4ed and fixed in 6.7.3 with commit 4200ad3e46ce Issue introduced in 5.17 with commit 9549332df4ed and fixed in 6.8-rc2 with commit 3be0b3ed1d76 Please see https://www.kernel.org or a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2024-26612 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: fs/netfs/fscache_cache.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/82a9bc343ba019665d3ddc1d9a180bf0e0390cf3 https://git.kernel.org/stable/c/1c45256e599061021e2c848952e50f406457e448 https://git.kernel.org/stable/c/4200ad3e46ce50f410fdda302745489441bc70f0 https://git.kernel.org/stable/c/3be0b3ed1d76c6703b9ee482b55f7e01c369cc68