CVE-2024-56614

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74

Description The vulnerability is related to the xsk map delete elem function in the Linux kernel, which allows an out-of-bounds write due to implicit type conversion. This can lead to memory corruption and potentially allow an attacker to cause a denial of service. The issue arises when a large unsigned value for map->max entries bypasses the intended bounds check, allowing a negative value to be used as an array index. Technical details include the use of the xchg operation to cause an out-of-bounds write and the passing of an invalid map entry to xsk map sock delete, which can lead to further memory corruption. The xsk map delete elem function is vulnerable, specifically the comparison between k and map->max entries, and the use of k as an index in m->xsk map[k].

Recommendations To resolve the issue, update the Linux kernel to version 6.6.74 or later. As a temporary workaround, consider restricting access to the xsk map delete elem function until a patch is available. Additionally, avoid using the xchg operation on the map entry variable in the xsk map delete elem function.