In the Linux kernel, the following vulnerability has been resolved:
ionic: use dev_consume_skb_any outside of napi
If we're not in a NAPI softirq context, we need to be careful about how we call napi_consume_skb(), specifically we need to call it with budget==0 to signal to it that we're not in a safe context.
This was found while running some configuration stress testing of traffic and a change queue config loop running, and this curious note popped out:
[ 4371.402645] BUG: using smp_processor_id() in preemptible [00000000] code: ethtool/20545
[ 4371.402897] caller is napi_skb_cache_put+0x16/0x80
[ 4371.403120] CPU: 25 PID: 20545 Comm: ethtool Kdump: loaded Tainted: G OE 6.10.0-rc3-netnext+ #8
[ 4371.403302] Hardware name: HPE ProLiant DL360 Gen10/ProLiant DL360 Gen10, BIOS U32 01/23/2021
[ 4371.403460] Call Trace:
[ 4371.403613] <TASK>
[ 4371.403758] dump_stack_lvl+0x4f/0x70
[ 4371.403904] check_preemption_disabled+0xc1/0xe0
[ 4371.404051] napi_skb_cache_put+0x16/0x80
[ 4371.404199] ionic_tx_clean+0x18a/0x240 [ionic]
[ 4371.404354] ionic_tx_cq_service+0xc4/0x200 [ionic]
[ 4371.404505] ionic_tx_flush+0x15/0x70 [ionic]
[ 4371.404653] ? ionic_lif_qcq_deinit.isra.23+0x5b/0x70 [ionic]
[ 4371.404805] ionic_txrx_deinit+0x71/0x190 [ionic]
[ 4371.404956] ionic_reconfigure_queues+0x5f5/0xff0 [ionic]
[ 4371.405111] ionic_set_ringparam+0x2e8/0x3e0 [ionic]
[ 4371.405265] ethnl_set_rings+0x1f1/0x300
[ 4371.405418] ethnl_default_set_doit+0xbb/0x160
[ 4371.405571] genl_family_rcv_msg_doit+0xff/0x130
[...]
I found that ionic_tx_clean() calls napi_consume_skb() which calls napi_skb_cache_put(), but before that last call is the note /* Zero budget indicate non-NAPI context called us, like netpoll */ and DEBUG_NET_WARN_ON_ONCE(!in_softirq());
Those are pretty big hints that we're doing it wrong. We can pass a context hint down through the calls to let ionic_tx_clean() know what we're doing so it can call napi_consume_skb() correctly.
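The budget contract described in the commit message above, as an added user-space model (not kernel code, not the ionic driver, and not the actual patch). The model_* functions are stand-ins for the kernel functions they name, the "before" behaviour of always passing a nonzero budget is an assumption, and in_napi is a hypothetical name for the context hint.

```c
/* User-space model, added for illustration; not kernel or ionic code. */
#include <stdbool.h>
#include <stdio.h>

static bool model_in_softirq;       /* modelled context; the kernel tracks this itself */
static int context_bugs, any_frees; /* rule violations / context-agnostic frees */

/* Stand-in for dev_consume_skb_any(): usable from any context. */
static void model_dev_consume_skb_any(void) { any_frees++; }

/* Stand-in for napi_skb_cache_put(): per-CPU cache, so a preemptible caller is the BUG case. */
static void model_napi_skb_cache_put(void)
{
    if (!model_in_softirq)
        context_bugs++;
}

/* Contract quoted in the commit message: zero budget means a non-NAPI caller. */
static void model_napi_consume_skb(int budget)
{
    if (budget == 0)
        model_dev_consume_skb_any();
    else
        model_napi_skb_cache_put();
}

/* Before (assumed): tx clean passes a nonzero budget no matter who called. */
static void tx_clean_before(void) { model_napi_consume_skb(1); }
/* After: callers hand down a context hint (in_napi is a hypothetical name). */
static void tx_clean_after(bool in_napi) { model_napi_consume_skb(in_napi ? 1 : 0); }

/* Clean `pending` descriptors; returns how many frees broke the context rule. */
int run_clean(bool softirq, bool fixed, int pending)
{
    model_in_softirq = softirq;
    context_bugs = any_frees = 0;
    for (int i = 0; i < pending; i++) {
        if (fixed) tx_clean_after(softirq);
        else       tx_clean_before();
    }
    return context_bugs;
}

int main(void)
{
    printf("process context: before=%d after=%d\n",
           run_clean(false, false, 4), run_clean(false, true, 4));
    printf("NAPI poll: after=%d\n", run_clean(true, true, 4));
    return 0;
}
```

The process-context run corresponds to the ethtool ring-reconfigure path in the call trace, where the flush runs outside softirq.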
[
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_txrx.c",
"function": "ionic_tx_clean"
},
"digest": {
"function_hash": "337695850480389978734223670325566621673",
"length": 1009.0
},
"id": "CVE-2024-42071-0dfacd2d",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ef7646ed49fff962e97b276f4ab91327a67eeb5a",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_txrx.c",
"function": "ionic_tx_empty"
},
"digest": {
"function_hash": "224612505693932063287924381731494618193",
"length": 538.0
},
"id": "CVE-2024-42071-1556a460",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@84b767f9e34fdb143c09e66a2a20722fc2921821",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_lif.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"291089617792188172939595995301197245267",
"284623634844260553511859646925022018556",
"52859106727809198142834924636385344876",
"244055690521580524648287551379930242166"
]
},
"id": "CVE-2024-42071-22f39629",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@84b767f9e34fdb143c09e66a2a20722fc2921821",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_lif.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"291089617792188172939595995301197245267",
"284623634844260553511859646925022018556",
"52859106727809198142834924636385344876",
"244055690521580524648287551379930242166"
]
},
"id": "CVE-2024-42071-36be3b4a",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ef7646ed49fff962e97b276f4ab91327a67eeb5a",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_dev.h"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"305423081330241926456916917772500195811",
"72736430012987162417905188694468304298",
"259275493835880563203757544520982981485",
"45239127298021768993554852258335969852"
]
},
"id": "CVE-2024-42071-401849c1",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ef7646ed49fff962e97b276f4ab91327a67eeb5a",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_dev.h"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"305423081330241926456916917772500195811",
"72736430012987162417905188694468304298",
"259275493835880563203757544520982981485",
"45239127298021768993554852258335969852"
]
},
"id": "CVE-2024-42071-444d31db",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@84b767f9e34fdb143c09e66a2a20722fc2921821",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_txrx.c",
"function": "ionic_tx_cq_service"
},
"digest": {
"function_hash": "74686376557143220936238714986738259875",
"length": 637.0
},
"id": "CVE-2024-42071-4ba79e01",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@84b767f9e34fdb143c09e66a2a20722fc2921821",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_txrx.c",
"function": "ionic_tx_napi"
},
"digest": {
"function_hash": "58361866798700227228608175859545367052",
"length": 660.0
},
"id": "CVE-2024-42071-57d1dc42",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@84b767f9e34fdb143c09e66a2a20722fc2921821",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_txrx.c",
"function": "ionic_txrx_napi"
},
"digest": {
"function_hash": "64219186962376758710722493082621766376",
"length": 1077.0
},
"id": "CVE-2024-42071-5a576d93",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ef7646ed49fff962e97b276f4ab91327a67eeb5a",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_txrx.c",
"function": "ionic_tx_empty"
},
"digest": {
"function_hash": "224612505693932063287924381731494618193",
"length": 538.0
},
"id": "CVE-2024-42071-685174b4",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ef7646ed49fff962e97b276f4ab91327a67eeb5a",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_txrx.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
]
},
"id": "CVE-2024-42071-6a8bd6f0",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@84b767f9e34fdb143c09e66a2a20722fc2921821",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_txrx.c",
"function": "ionic_tx_clean"
},
"digest": {
"function_hash": "337695850480389978734223670325566621673",
"length": 1009.0
},
"id": "CVE-2024-42071-7ad1afcb",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@84b767f9e34fdb143c09e66a2a20722fc2921821",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_txrx.c",
"function": "ionic_tx_cq_service"
},
"digest": {
"function_hash": "74686376557143220936238714986738259875",
"length": 637.0
},
"id": "CVE-2024-42071-7d482d37",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ef7646ed49fff962e97b276f4ab91327a67eeb5a",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_txrx.c",
"function": "ionic_tx_napi"
},
"digest": {
"function_hash": "58361866798700227228608175859545367052",
"length": 660.0
},
"id": "CVE-2024-42071-82761085",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ef7646ed49fff962e97b276f4ab91327a67eeb5a",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_txrx.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
]
},
"id": "CVE-2024-42071-8f88d4c3",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ef7646ed49fff962e97b276f4ab91327a67eeb5a",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_txrx.c",
"function": "ionic_txrx_napi"
},
"digest": {
"function_hash": "64219186962376758710722493082621766376",
"length": 1077.0
},
"id": "CVE-2024-42071-94e17aab",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@84b767f9e34fdb143c09e66a2a20722fc2921821",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_txrx.c",
"function": "ionic_tx_flush"
},
"digest": {
"function_hash": "314034217058203652935002456667357983975",
"length": 219.0
},
"id": "CVE-2024-42071-bf8f33c1",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@84b767f9e34fdb143c09e66a2a20722fc2921821",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_txrx.c",
"function": "ionic_tx_service"
},
"digest": {
"function_hash": "78283956945768752150086021092425194597",
"length": 722.0
},
"id": "CVE-2024-42071-d6c96aab",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ef7646ed49fff962e97b276f4ab91327a67eeb5a",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_lif.c",
"function": "ionic_adminq_napi"
},
"digest": {
"function_hash": "151771493970882894795707624209439043828",
"length": 1623.0
},
"id": "CVE-2024-42071-e74e0a09",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ef7646ed49fff962e97b276f4ab91327a67eeb5a",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_txrx.c",
"function": "ionic_tx_service"
},
"digest": {
"function_hash": "78283956945768752150086021092425194597",
"length": 722.0
},
"id": "CVE-2024-42071-f1a6fb1e",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@84b767f9e34fdb143c09e66a2a20722fc2921821",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_lif.c",
"function": "ionic_adminq_napi"
},
"digest": {
"function_hash": "151771493970882894795707624209439043828",
"length": 1623.0
},
"id": "CVE-2024-42071-fe855e87",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@84b767f9e34fdb143c09e66a2a20722fc2921821",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "drivers/net/ethernet/pensando/ionic/ionic_txrx.c",
"function": "ionic_tx_flush"
},
"digest": {
"function_hash": "314034217058203652935002456667357983975",
"length": 219.0
},
"id": "CVE-2024-42071-ffe89f0d",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ef7646ed49fff962e97b276f4ab91327a67eeb5a",
"signature_version": "v1"
}
]