CVE-2024-36937

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The issue is related to the xdp component of the Linux kernel and involves a NULL pointer dereference. When redirecting a packet using XDP, the bpf redirect map() helper sets up the redirect destination information in struct bpf redirect info. The xdp do redirect() function reads this information after the XDP program returns and passes the frame on to the right redirect destination. However, if the destination map is being destroyed before xdp do redirect() is called, the map pointer will be cleared out without waiting for any XDP programs to stop running, causing a crash when a NULL pointer is passed to dev map enqueue(). The fix involves changing xdp do redirect() to react directly to the presence of the BPF F BROADCAST flag in the flags value in struct bpf redirect info to disambiguate between a single-target and a broadcast redirect.

Recommendations: To resolve the issue, update the Linux kernel to version 6.6.37 or later, which includes the fix for the vulnerability. At the moment, there is no information about other versions that contain a fix for this vulnerability.