CVE-2024-26884
Description
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix hashtab overflow check on 32-bit arches
The hashtab code relies on roundup_pow_of_two() to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0. However, on 32-bit arches, the roundup code itself can overflow by doing a 32-bit left-shift of an unsigned long value, which is undefined behaviour, so it is not guaranteed to truncate neatly. This was triggered by syzbot on the DEVMAP_HASH type, which contains the same check, copied from the hashtab code. So apply the same fix to hashtab, by moving the overflow check to before the roundup.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
117- osv-coords114 versionspkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-rt_debug&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-rt_debug&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-source-rt&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-source-rt&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-syms-rt&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-syms-rt&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP6pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-livepatch-SLE15-SP5-RT_Update_14&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_13&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP5pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP6pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_56&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
< 5.14.21-150500.55.62.1+ 113 more
- (no CPE)range: < 5.14.21-150500.55.62.1
- (no CPE)range: < 6.4.0-150600.23.7.1
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.33.51.1
- (no CPE)range: < 6.4.0-150600.8.5.4
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.62.2.150500.6.27.2
- (no CPE)range: < 6.4.0-150600.23.7.3.150600.12.2.7
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.4
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.62.1
- (no CPE)range: < 6.4.0-150600.23.7.1
- (no CPE)range: < 5.14.21-150500.13.52.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 5.14.21-150500.13.52.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 5.14.21-150500.33.51.1
- (no CPE)range: < 6.4.0-150600.8.5.4
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.2
- (no CPE)range: < 5.14.21-150500.13.52.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 5.14.21-150500.33.51.1
- (no CPE)range: < 6.4.0-150600.8.5.1
- (no CPE)range: < 5.14.21-150500.55.62.1
- (no CPE)range: < 6.4.0-150600.23.7.1
- (no CPE)range: < 5.14.21-150500.13.52.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.33.51.1
- (no CPE)range: < 6.4.0-150600.8.5.4
- (no CPE)range: < 4.12.14-16.182.1
- (no CPE)range: < 4.12.14-16.182.1
- (no CPE)range: < 5.14.21-150500.55.62.2.150500.6.27.2
- (no CPE)range: < 5.14.21-150500.55.62.2.150500.6.27.2
- (no CPE)range: < 6.4.0-150600.23.7.3.150600.12.2.7
- (no CPE)range: < 6.4.0-17.1.1.51
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 6.4.0-18.1
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.4
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 6.4.0-18.1
- (no CPE)range: < 1-150500.11.5.1
- (no CPE)range: < 1-150500.11.3.2
- (no CPE)range: < 1-150600.1.5.1
- (no CPE)range: < 1-150600.13.3.7
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 4.12.14-10.182.1
- (no CPE)range: < 5.14.21-150500.13.52.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 5.14.21-150500.13.52.1
- (no CPE)range: < 4.12.14-10.182.1
- (no CPE)range: < 6.4.0-9.1
- (no CPE)range: < 5.14.21-150500.13.52.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 5.14.21-150500.33.51.1
- (no CPE)range: < 6.4.0-150600.8.5.4
- (no CPE)range: < 4.12.14-16.182.1
- (no CPE)range: < 4.12.14-16.182.1
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.2
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.2
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 6.4.0-18.1
- (no CPE)range: < 5.14.21-150500.13.52.1
- (no CPE)range: < 4.12.14-10.182.1
- (no CPE)range: < 6.4.0-9.1
- (no CPE)range: < 5.14.21-150500.13.52.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 5.14.21-150500.33.51.1
- (no CPE)range: < 6.4.0-150600.8.5.1
- (no CPE)range: < 4.12.14-16.182.1
- (no CPE)range: < 4.12.14-16.182.1
- (no CPE)range: < 5.14.21-150500.55.62.1
- (no CPE)range: < 6.4.0-150600.23.7.1
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 4.12.14-122.216.1
- (no CPE)range: < 4.12.14-10.182.1
- (no CPE)range: < 5.14.21-150500.13.52.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 5.14.21-150500.55.62.2
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 1-8.3.1
Patches
Vulnerability mechanics
References
12- git.kernel.org/stable/c/33ec04cadb77605b71d9298311919303d390c4d5nvdPatch
- git.kernel.org/stable/c/3b08cfc65f07b1132c1979d73f014ae6e04de55dnvdPatch
- git.kernel.org/stable/c/64f00b4df0597590b199b62a37a165473bf658a6nvdPatch
- git.kernel.org/stable/c/6787d916c2cf9850c97a0a3f73e08c43e7d973b1nvdPatch
- git.kernel.org/stable/c/8435f0961bf3dc65e204094349bd9aeaac1f8868nvdPatch
- git.kernel.org/stable/c/92c81fbb3ed2e0dfc33a4183a67135e1ab566acenvdPatch
- git.kernel.org/stable/c/a6fa75b5096c0f9826a4fabe22d907b0a5bb1016nvdPatch
- git.kernel.org/stable/c/a83fdaeaea3677b83a53f72ace2d73a19bcd6d93nvdPatch
- git.kernel.org/stable/c/d817f0d34d927f2deb17dadbfe212c9a6a32ac3envdPatch
- cert-portal.siemens.com/productcert/html/ssa-265688.htmlnvd
- lists.debian.org/debian-lts-announce/2024/06/msg00017.htmlnvd
- lists.debian.org/debian-lts-announce/2024/06/msg00020.htmlnvd
News mentions
0No linked articles in our index yet.