CVE-2024-57857
Published: 15 January 2025
Description
In the Linux kernel, the following vulnerability has been resolved:

RDMA/siw: Remove direct link to net_device

Do not manage a per device direct link to net_device. Rely on associated ib_devices net_device management, not doubling the effort locally. A badly managed local link to net_device was causing a 'KASAN: slab-use-after-free' exception during siw_query_port() call.
Security Summary
CVE-2024-57857 is a use-after-free vulnerability (CWE-416) in the Linux kernel's RDMA/siw subsystem. It arises from improper management of a per-device direct link to the net_device, which leads to a KASAN-detected slab-use-after-free exception during the siw_query_port() call. The issue affects Linux kernel versions incorporating the vulnerable RDMA/siw code prior to the application of the fixing commits.
A local attacker with low privileges (PR:L) can exploit this vulnerability with low attack complexity (AC:L) and no user interaction (UI:N). Successful exploitation has a high impact on confidentiality, integrity, and availability (C:H/I:H/A:H), for an overall CVSS v3.1 base score of 7.8. This could potentially allow the attacker to execute arbitrary code, corrupt kernel memory, or cause denial of service on the affected system.
Kernel patches addressing the vulnerability are available in the following commits: https://git.kernel.org/stable/c/16b87037b48889d21854c8e97aec8a1baf2642b3 and https://git.kernel.org/stable/c/4eafeb4f021c50d13f199239d913b37de3c83135. These commits remove the direct per-device link to net_device and rely instead on the associated ib_device's net_device management, which removes both the duplicated bookkeeping and the use-after-free condition. Security practitioners should update to kernels that include these fixes.
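The lifetime pattern behind this fix, as an added example that is not taken from the kernel or the fixing commits: a userspace C model contrasting a privately cached device pointer with a reference borrowed from the owning layer for the duration of one query. All struct and function names are hypothetical, and release is tracked with a flag instead of a real free so the stale access can be observed safely.

```c
/* Userspace model of the lifetime bug class; not kernel code. All names are hypothetical. */
#include <stdio.h>
#include <stddef.h>
struct netdev { int refs; int released; int mtu; };          /* stands in for net_device */
struct ibdev  { struct netdev *ndev; };                      /* core-managed association */
struct siwdev { struct ibdev base; struct netdev *cached; }; /* cached = private direct link */

static void netdev_put(struct netdev *n) { if (--n->refs == 0) n->released = 1; }

/* Core lookup: returns a held reference, or NULL when no netdev is associated. */
static struct netdev *ibdev_get_netdev(struct ibdev *d) {
    if (!d->ndev) return NULL;
    d->ndev->refs++;
    return d->ndev;
}

/* The netdev goes away: the core clears its association and drops its reference. */
static void ibdev_drop_netdev(struct ibdev *d) {
    struct netdev *n = d->ndev;
    d->ndev = NULL;
    if (n) netdev_put(n);
}

/* Before: query through the private link, which nothing keeps alive or clears. */
int query_port_cached(struct siwdev *s, int *mtu) {
    if (s->cached->released) return -1;  /* real kernel: read of freed slab memory */
    *mtu = s->cached->mtu;
    return 0;
}

/* After: borrow the netdev from the core for the duration of the query only. */
int query_port_core(struct siwdev *s, int *mtu) {
    struct netdev *n = ibdev_get_netdev(&s->base);
    if (!n) return -2;                   /* no device associated: fail cleanly */
    *mtu = n->mtu;
    netdev_put(n);                       /* drop the reference taken by the lookup */
    return 0;
}

/* Run one query, optionally after the netdev has gone away. */
int run_scenario(int use_core, int netdev_gone) {
    struct netdev n = { 1, 0, 1500 };    /* constructed sample: one ref held by the core */
    struct siwdev s = { { &n }, &n };
    int mtu = 0;
    if (netdev_gone) ibdev_drop_netdev(&s.base);
    return use_core ? query_port_core(&s, &mtu) : query_port_cached(&s, &mtu);
}

int main(void) {
    printf("cached: %d, core: %d\n", run_scenario(0, 1), run_scenario(1, 1));
    return 0;
}
```

In the model, -1 marks the point where the cached pointer would be dereferenced after release, and -2 is the clean failure the core lookup returns once the association is gone.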
Details
- CWE(s)