CVE-2024-35903

Adjust the IP passed to emit_patch so it calculates the correct offset for the CALL instruction if x86_call_depth_emit_accounting emits code. Otherwise we will skip some instructions and most likely crash.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

b2e9dfe54be4d023124d588d6f03d16a9c0d2507

Fixed

3f9d57c771656bfd651e22edcfdb5f60e62542d4

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

b2e9dfe54be4d023124d588d6f03d16a9c0d2507

Fixed

81166178cf0a0062a22b1b3b5368183d39577028

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

b2e9dfe54be4d023124d588d6f03d16a9c0d2507

Fixed

9d98aa088386aee3db1b7b60b800c0fde0654a4a

Affected versions

v6.*

v6.1

v6.1-rc2

v6.1-rc3

v6.1-rc4

v6.1-rc5

v6.1-rc6

v6.1-rc7

v6.1-rc8

v6.2

v6.2-rc1

v6.2-rc2

v6.2-rc3

v6.2-rc4

v6.2-rc5

v6.2-rc6

v6.2-rc7

v6.2-rc8

v6.3

v6.3-rc1

v6.3-rc2

v6.3-rc3

v6.3-rc4

v6.3-rc5

v6.3-rc6

v6.3-rc7

v6.4

v6.4-rc1

v6.4-rc2

v6.4-rc3

v6.4-rc4

v6.4-rc5

v6.4-rc6

v6.4-rc7

v6.5

v6.5-rc1

v6.5-rc2

v6.5-rc3

v6.5-rc4

v6.5-rc5

v6.5-rc6

v6.5-rc7

v6.6

v6.6-rc1

v6.6-rc2

v6.6-rc3

v6.6-rc4

v6.6-rc5

v6.6-rc6

v6.6-rc7

v6.6.1

v6.6.10

v6.6.11

v6.6.12

v6.6.13

v6.6.14

v6.6.15

v6.6.16

v6.6.17

v6.6.18

v6.6.19

v6.6.2

v6.6.20

v6.6.21

v6.6.22

v6.6.23

v6.6.24

v6.6.25

v6.6.3

v6.6.4

v6.6.5

v6.6.6

v6.6.7

v6.6.8

v6.6.9

v6.7

v6.7-rc1

v6.7-rc2

v6.7-rc3

v6.7-rc4

v6.7-rc5

v6.7-rc6

v6.7-rc7

v6.7-rc8

v6.8

v6.8-rc1

v6.8-rc2

v6.8-rc3

v6.8-rc4

v6.8-rc5

v6.8-rc6

v6.8-rc7

v6.8.1

v6.8.2

v6.8.3

v6.8.4

v6.9-rc1

Database specific

vanir_signatures

[
    {
        "target": {
            "file": "arch/x86/net/bpf_jit_comp.c"
        },
        "digest": {
            "line_hashes": [
                "171710062141521289538570770064597341321",
                "292485672431164659395266968394964067295",
                "253808683610344571122724562666205149915",
                "11600049491434378627676149716948221440"
            ],
            "threshold": 0.9
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@81166178cf0a0062a22b1b3b5368183d39577028",
        "signature_version": "v1",
        "id": "CVE-2024-35903-12bcd9c5",
        "deprecated": false,
        "signature_type": "Line"
    },
    {
        "target": {
            "file": "arch/x86/net/bpf_jit_comp.c"
        },
        "digest": {
            "line_hashes": [
                "171710062141521289538570770064597341321",
                "292485672431164659395266968394964067295",
                "253808683610344571122724562666205149915",
                "11600049491434378627676149716948221440"
            ],
            "threshold": 0.9
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9d98aa088386aee3db1b7b60b800c0fde0654a4a",
        "signature_version": "v1",
        "id": "CVE-2024-35903-239db786",
        "deprecated": false,
        "signature_type": "Line"
    },
    {
        "target": {
            "file": "arch/x86/net/bpf_jit_comp.c"
        },
        "digest": {
            "line_hashes": [
                "171710062141521289538570770064597341321",
                "292485672431164659395266968394964067295",
                "253808683610344571122724562666205149915",
                "11600049491434378627676149716948221440"
            ],
            "threshold": 0.9
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3f9d57c771656bfd651e22edcfdb5f60e62542d4",
        "signature_version": "v1",
        "id": "CVE-2024-35903-332c40e7",
        "deprecated": false,
        "signature_type": "Line"
    },
    {
        "target": {
            "file": "arch/x86/net/bpf_jit_comp.c",
            "function": "emit_rsb_call"
        },
        "digest": {
            "function_hash": "19856497880745226437993911140151003374",
            "length": 178.0
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9d98aa088386aee3db1b7b60b800c0fde0654a4a",
        "signature_version": "v1",
        "id": "CVE-2024-35903-5d6b7994",
        "deprecated": false,
        "signature_type": "Function"
    },
    {
        "target": {
            "file": "arch/x86/net/bpf_jit_comp.c",
            "function": "emit_rsb_call"
        },
        "digest": {
            "function_hash": "19856497880745226437993911140151003374",
            "length": 178.0
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@81166178cf0a0062a22b1b3b5368183d39577028",
        "signature_version": "v1",
        "id": "CVE-2024-35903-6e736115",
        "deprecated": false,
        "signature_type": "Function"
    },
    {
        "target": {
            "file": "arch/x86/net/bpf_jit_comp.c",
            "function": "emit_rsb_call"
        },
        "digest": {
            "function_hash": "19856497880745226437993911140151003374",
            "length": 178.0
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3f9d57c771656bfd651e22edcfdb5f60e62542d4",
        "signature_version": "v1",
        "id": "CVE-2024-35903-ac235d94",
        "deprecated": false,
        "signature_type": "Function"
    }
]

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.26

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.8.5