CVE-2024-57982

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-57982
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-57982.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-57982
Downstream
Related
Published
2025-02-27T02:07:08Z
Modified
2025-10-22T07:50:01.965919Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
Summary
xfrm: state: fix out-of-bounds read during lookup
Details

In the Linux kernel, the following vulnerability has been resolved:

xfrm: state: fix out-of-bounds read during lookup

lookup and resize can run in parallel.

The xfrmstatehash_generation seqlock ensures a retry, but the hash functions can observe a hmask value that is too large for the new hlist array.

rehash does: rcuassignpointer(net->xfrm.statebydst, ndst) [..] net->xfrm.statehmask = nhashmask;

While state lookup does: h = xfrmdsthash(net, daddr, saddr, tmpl->reqid, encapfamily); hlistforeachentryrcu(x, net->xfrm.statebydst + h, bydst) {

This is only safe in case the update to statebydst is larger than net->xfrm.xfrmstate_hmask (or if the lookup function gets serialized via state spinlock again).

Fix this by prefetching statehmask and the associated pointers. The xfrmstatehashgeneration seqlock retry will ensure that the pointer and the hmask will be consistent.

The existing helpers, like xfrmdsthash(), are now unsafe for RCU side, add lockdep assertions to document that they are only safe for insert side.

xfrmstatelookup_byaddr() uses the spinlock rather than RCU. AFAICS this is an oversight from back when state lookup was converted to RCU, this lock should be replaced with RCU in a future patch.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c2f672fc94642bae96821a393f342edcfa9794a6
Fixed
a16871c7832ea6435abb6e0b58289ae7dcb7e4fc
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c2f672fc94642bae96821a393f342edcfa9794a6
Fixed
dd4c2a174994238d55ab54da2545543d36f4e0d0
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c2f672fc94642bae96821a393f342edcfa9794a6
Fixed
e952837f3ddb0ff726d5b582aa1aad9aa38d024d

Affected versions

v4.*

v4.10
v4.10-rc1
v4.10-rc2
v4.10-rc3
v4.10-rc4
v4.10-rc5
v4.10-rc6
v4.10-rc7
v4.10-rc8
v4.11
v4.11-rc1
v4.11-rc2
v4.11-rc3
v4.11-rc4
v4.11-rc5
v4.11-rc6
v4.11-rc7
v4.11-rc8
v4.12
v4.12-rc1
v4.12-rc2
v4.12-rc3
v4.12-rc4
v4.12-rc5
v4.12-rc6
v4.12-rc7
v4.13
v4.13-rc1
v4.13-rc2
v4.13-rc3
v4.13-rc4
v4.13-rc5
v4.13-rc6
v4.13-rc7
v4.14
v4.14-rc1
v4.14-rc2
v4.14-rc3
v4.14-rc4
v4.14-rc5
v4.14-rc6
v4.14-rc7
v4.14-rc8
v4.15
v4.15-rc1
v4.15-rc2
v4.15-rc3
v4.15-rc4
v4.15-rc5
v4.15-rc6
v4.15-rc7
v4.15-rc8
v4.15-rc9
v4.16
v4.16-rc1
v4.16-rc2
v4.16-rc3
v4.16-rc4
v4.16-rc5
v4.16-rc6
v4.16-rc7
v4.17
v4.17-rc1
v4.17-rc2
v4.17-rc3
v4.17-rc4
v4.17-rc5
v4.17-rc6
v4.17-rc7
v4.18
v4.18-rc1
v4.18-rc2
v4.18-rc3
v4.18-rc4
v4.18-rc5
v4.18-rc6
v4.18-rc7
v4.18-rc8
v4.19
v4.19-rc1
v4.19-rc2
v4.19-rc3
v4.19-rc4
v4.19-rc5
v4.19-rc6
v4.19-rc7
v4.19-rc8
v4.20
v4.20-rc1
v4.20-rc2
v4.20-rc3
v4.20-rc4
v4.20-rc5
v4.20-rc6
v4.20-rc7
v4.8
v4.8-rc5
v4.8-rc6
v4.8-rc7
v4.8-rc8
v4.9
v4.9-rc1
v4.9-rc2
v4.9-rc3
v4.9-rc4
v4.9-rc5
v4.9-rc6
v4.9-rc7
v4.9-rc8

v5.*

v5.0
v5.0-rc1
v5.0-rc2
v5.0-rc3
v5.0-rc4
v5.0-rc5
v5.0-rc6
v5.0-rc7
v5.0-rc8
v5.1
v5.1-rc1
v5.1-rc2
v5.1-rc3
v5.1-rc4
v5.1-rc5
v5.1-rc6
v5.1-rc7
v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.2
v5.2-rc1
v5.2-rc2
v5.2-rc3
v5.2-rc4
v5.2-rc5
v5.2-rc6
v5.2-rc7
v5.3
v5.3-rc1
v5.3-rc2
v5.3-rc3
v5.3-rc4
v5.3-rc5
v5.3-rc6
v5.3-rc7
v5.3-rc8
v5.4
v5.4-rc1
v5.4-rc2
v5.4-rc3
v5.4-rc4
v5.4-rc5
v5.4-rc6
v5.4-rc7
v5.4-rc8
v5.5
v5.5-rc1
v5.5-rc2
v5.5-rc3
v5.5-rc4
v5.5-rc5
v5.5-rc6
v5.5-rc7
v5.6
v5.6-rc1
v5.6-rc2
v5.6-rc3
v5.6-rc4
v5.6-rc5
v5.6-rc6
v5.6-rc7
v5.7
v5.7-rc1
v5.7-rc2
v5.7-rc3
v5.7-rc4
v5.7-rc5
v5.7-rc6
v5.7-rc7
v5.8
v5.8-rc1
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8

v6.*

v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.2
v6.12.3
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.13.1
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "170242931057576960648422215554109989310",
            "length": 621.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a16871c7832ea6435abb6e0b58289ae7dcb7e4fc",
        "target": {
            "function": "__xfrm_state_lookup_byaddr",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-01b05d42"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "91343101511993640978724009302759401256",
            "length": 200.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dd4c2a174994238d55ab54da2545543d36f4e0d0",
        "target": {
            "function": "xfrm_src_hash",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-074680cc"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "270583707014520316879938756506205431374",
            "length": 7433.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e952837f3ddb0ff726d5b582aa1aad9aa38d024d",
        "target": {
            "function": "xfrm_state_find",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-0d3586f8"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "231686735795745289437168141341916330990",
            "length": 594.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dd4c2a174994238d55ab54da2545543d36f4e0d0",
        "target": {
            "function": "__xfrm_state_lookup",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-10f97f29"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "195455890935543236990446046820013192054",
            "length": 987.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e952837f3ddb0ff726d5b582aa1aad9aa38d024d",
        "target": {
            "function": "xfrm_input_state_lookup",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-11906b71"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "233488920900831361511840870421906362060",
            "length": 214.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e952837f3ddb0ff726d5b582aa1aad9aa38d024d",
        "target": {
            "function": "xfrm_spi_hash",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-14d96dc0"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "129407246862991504389378932612760784739",
            "length": 325.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a16871c7832ea6435abb6e0b58289ae7dcb7e4fc",
        "target": {
            "function": "xfrm_state_lookup_byaddr",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-1a11c51f"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "292013582622027712422006425597498458806",
            "length": 402.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a16871c7832ea6435abb6e0b58289ae7dcb7e4fc",
        "target": {
            "function": "__xfrm_state_locate",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-1eddf80f"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "253550986515242711512535014663500783280",
            "length": 124.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e952837f3ddb0ff726d5b582aa1aad9aa38d024d",
        "target": {
            "function": "xfrm_seq_hash",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-2ff41b5b"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "242770382860211118619339550379001739778",
            "length": 877.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e952837f3ddb0ff726d5b582aa1aad9aa38d024d",
        "target": {
            "function": "__xfrm_state_lookup_all",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-31d11776"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "170242931057576960648422215554109989310",
            "length": 621.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e952837f3ddb0ff726d5b582aa1aad9aa38d024d",
        "target": {
            "function": "__xfrm_state_lookup_byaddr",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-3b0aeb8e"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "129407246862991504389378932612760784739",
            "length": 325.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dd4c2a174994238d55ab54da2545543d36f4e0d0",
        "target": {
            "function": "xfrm_state_lookup_byaddr",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-4567adc5"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "292013582622027712422006425597498458806",
            "length": 402.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e952837f3ddb0ff726d5b582aa1aad9aa38d024d",
        "target": {
            "function": "__xfrm_state_locate",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-4f618f74"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "242770382860211118619339550379001739778",
            "length": 877.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dd4c2a174994238d55ab54da2545543d36f4e0d0",
        "target": {
            "function": "__xfrm_state_lookup_all",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-4fdceec8"
    },
    {
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "279156372214556608512231237435236059297",
                "283902030631065763285685432304710678307",
                "230752985957335840651783974878799136255",
                "233081303864861340770377006017408238933",
                "234885127518086018420325375229794423615",
                "131780210206007488764601786141326194784",
                "286373890854406469018417487945178896734",
                "181913454152142033445087759191237644369",
                "31580212923107654971003129364005485939",
                "286828875939787619361964471324444948818",
                "202151189878396068248573688078552240065",
                "68606977793753959401732027030531753868",
                "255186122318265405630500057463286315834",
                "225988590866646179719255248049179408264",
                "31909044149789579167057866413025810078",
                "211944539703219060109325858269909880298",
                "146626243519630317334436483731199459070",
                "338786598652351200037469019230017250111",
                "332395793125000937781151176985332983363",
                "231318842165327632115946942753222618042",
                "32477080762499205488649277336863074606",
                "235974214545888992217234276402360203868",
                "263461672006236179923807250223929919328",
                "170988314592610390663677334195413191696",
                "148236060978540203095460311104888699627",
                "249275284486721274456768019298032023687",
                "6160123432217390888407867721371099681",
                "204773906738819694595062741485146950919",
                "329670538490907930645132132822636404879",
                "223399837746771489394088385911398502139",
                "116996736562500225105210143863420883963",
                "205503690130474882029442184172441888535",
                "89297209409502120224457708047485259559",
                "220415560932535252987937606147811903420",
                "191892219377054009933740733271461558493",
                "126019448641563508346055073844347052172",
                "113599040507268111124083440256540764096",
                "215388486556416517882521499568488474685",
                "308005496686327470865298052019507955245",
                "329670538490907930645132132822636404879",
                "73741288147117435310731330171706444666",
                "38106576356793704619342385373485105853",
                "48029212718566642207860996721236572252",
                "113599040507268111124083440256540764096",
                "184250810907440123895322672345763250628",
                "20391296081071077005825444145477510155",
                "116292715847871868343944633682138610252",
                "311048463144989679292031406550592149725",
                "261829300569431263498979059502733306605",
                "104351805273966457155083556365376237028",
                "74424233895791507396455529681508335292",
                "63200993075443684026818845734684459720",
                "106451200112620992854320918250488201671",
                "305417912018520965793770187461714774657",
                "43122813229404940664677733615067784460",
                "262952116145009729293880255226690334034",
                "122424806210519898565215594551827549391",
                "340243451748597829654921924533644025804",
                "203343451288578785714192437256911137578",
                "125203529658450503291335507049195991104",
                "168461229693657344646991954662784169646",
                "197719128049241574536606983766036217834",
                "182841646034541689034573244574037891476",
                "246139080303171741004881232048642763176",
                "261203416736819778179135854658884586924",
                "316974075529121744177893241535842748878",
                "143552543443887722315558892593450556336",
                "112271620735644904666740678576003992331",
                "222266493416745819578185253073291649136",
                "222633027280072577372524821282201111102",
                "283639774330279469962990569296736711778",
                "306493375046633698699803189742085988115",
                "312428998973492009168935504590644439800",
                "134753506322893563755936326371071621537",
                "73118028241062702688136186894670487429",
                "309900050111663182004242224410133993632",
                "295863025429119254874705904747268101874",
                "240930124915722883552019032183913764429",
                "305146292941540301282187075408036614727",
                "272311620320832029647674441682766882185",
                "211505414442691467863002176520959196776",
                "7153729065978809375038550843513747197",
                "144206772942348968764779453152189293587",
                "178033078426063829018945682196383924962",
                "186859510554803053757388743963955898318",
                "238164396208579691117822380985870670731",
                "225116616949227736312013577991985634561",
                "60845287338661500050112368196923736172",
                "169173142127124205795868404733238456960",
                "70562159684591418479242711274049042587",
                "20401314279349842696472127467346023494",
                "58641092593128708643172635878920152418",
                "280771017316264034671887132238518085575",
                "19990372765503467524968001331301281939",
                "179110673331745658810287801457264971941",
                "140192067915668296990168902469837168376",
                "307011229389070311551719304853758521377",
                "212480640102224068971200902653115441166",
                "46590104787032683560059265798308185862",
                "307768712828022067763005769666990670620",
                "316463297690179656575635397345891624830",
                "206040087157393221392540888227846668772",
                "310079654430003170789848802594536894521",
                "219495831189851249912951059032404877568",
                "191339659850355697568517389666263070964"
            ]
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a16871c7832ea6435abb6e0b58289ae7dcb7e4fc",
        "target": {
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-56811b61"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "231686735795745289437168141341916330990",
            "length": 594.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a16871c7832ea6435abb6e0b58289ae7dcb7e4fc",
        "target": {
            "function": "__xfrm_state_lookup",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-606508be"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "243799126104132899205938798058678460456",
            "length": 7369.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a16871c7832ea6435abb6e0b58289ae7dcb7e4fc",
        "target": {
            "function": "xfrm_state_find",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-62bf1479"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "292013582622027712422006425597498458806",
            "length": 402.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dd4c2a174994238d55ab54da2545543d36f4e0d0",
        "target": {
            "function": "__xfrm_state_locate",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-657c0fbe"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "233488920900831361511840870421906362060",
            "length": 214.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dd4c2a174994238d55ab54da2545543d36f4e0d0",
        "target": {
            "function": "xfrm_spi_hash",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-6bd4f568"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "212650462747842321617703440683663033221",
            "length": 249.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a16871c7832ea6435abb6e0b58289ae7dcb7e4fc",
        "target": {
            "function": "xfrm_state_lookup",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-7971b2df"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "170242931057576960648422215554109989310",
            "length": 621.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dd4c2a174994238d55ab54da2545543d36f4e0d0",
        "target": {
            "function": "__xfrm_state_lookup_byaddr",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-7cc2b360"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "195455890935543236990446046820013192054",
            "length": 987.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dd4c2a174994238d55ab54da2545543d36f4e0d0",
        "target": {
            "function": "xfrm_input_state_lookup",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-94612485"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "231686735795745289437168141341916330990",
            "length": 594.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e952837f3ddb0ff726d5b582aa1aad9aa38d024d",
        "target": {
            "function": "__xfrm_state_lookup",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-96154117"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "253550986515242711512535014663500783280",
            "length": 124.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a16871c7832ea6435abb6e0b58289ae7dcb7e4fc",
        "target": {
            "function": "xfrm_seq_hash",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-961ed9bd"
    },
    {
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "279156372214556608512231237435236059297",
                "283902030631065763285685432304710678307",
                "230752985957335840651783974878799136255",
                "233081303864861340770377006017408238933",
                "234885127518086018420325375229794423615",
                "131780210206007488764601786141326194784",
                "286373890854406469018417487945178896734",
                "181913454152142033445087759191237644369",
                "31580212923107654971003129364005485939",
                "286828875939787619361964471324444948818",
                "202151189878396068248573688078552240065",
                "68606977793753959401732027030531753868",
                "255186122318265405630500057463286315834",
                "225988590866646179719255248049179408264",
                "31909044149789579167057866413025810078",
                "211944539703219060109325858269909880298",
                "146626243519630317334436483731199459070",
                "338786598652351200037469019230017250111",
                "332395793125000937781151176985332983363",
                "231318842165327632115946942753222618042",
                "32477080762499205488649277336863074606",
                "235974214545888992217234276402360203868",
                "263461672006236179923807250223929919328",
                "170988314592610390663677334195413191696",
                "148236060978540203095460311104888699627",
                "249275284486721274456768019298032023687",
                "6160123432217390888407867721371099681",
                "204773906738819694595062741485146950919",
                "329670538490907930645132132822636404879",
                "223399837746771489394088385911398502139",
                "116996736562500225105210143863420883963",
                "205503690130474882029442184172441888535",
                "89297209409502120224457708047485259559",
                "220415560932535252987937606147811903420",
                "191892219377054009933740733271461558493",
                "126019448641563508346055073844347052172",
                "113599040507268111124083440256540764096",
                "215388486556416517882521499568488474685",
                "308005496686327470865298052019507955245",
                "329670538490907930645132132822636404879",
                "73741288147117435310731330171706444666",
                "38106576356793704619342385373485105853",
                "48029212718566642207860996721236572252",
                "113599040507268111124083440256540764096",
                "184250810907440123895322672345763250628",
                "20391296081071077005825444145477510155",
                "116292715847871868343944633682138610252",
                "311048463144989679292031406550592149725",
                "261829300569431263498979059502733306605",
                "104351805273966457155083556365376237028",
                "74424233895791507396455529681508335292",
                "63200993075443684026818845734684459720",
                "106451200112620992854320918250488201671",
                "305417912018520965793770187461714774657",
                "43122813229404940664677733615067784460",
                "262952116145009729293880255226690334034",
                "122424806210519898565215594551827549391",
                "340243451748597829654921924533644025804",
                "203343451288578785714192437256911137578",
                "125203529658450503291335507049195991104",
                "168461229693657344646991954662784169646",
                "197719128049241574536606983766036217834",
                "182841646034541689034573244574037891476",
                "246139080303171741004881232048642763176",
                "261203416736819778179135854658884586924",
                "316974075529121744177893241535842748878",
                "143552543443887722315558892593450556336",
                "112271620735644904666740678576003992331",
                "222266493416745819578185253073291649136",
                "222633027280072577372524821282201111102",
                "283639774330279469962990569296736711778",
                "306493375046633698699803189742085988115",
                "312428998973492009168935504590644439800",
                "134753506322893563755936326371071621537",
                "73118028241062702688136186894670487429",
                "309900050111663182004242224410133993632",
                "295863025429119254874705904747268101874",
                "240930124915722883552019032183913764429",
                "305146292941540301282187075408036614727",
                "272311620320832029647674441682766882185",
                "211505414442691467863002176520959196776",
                "7153729065978809375038550843513747197",
                "144206772942348968764779453152189293587",
                "178033078426063829018945682196383924962",
                "186859510554803053757388743963955898318",
                "238164396208579691117822380985870670731",
                "225116616949227736312013577991985634561",
                "60845287338661500050112368196923736172",
                "169173142127124205795868404733238456960",
                "70562159684591418479242711274049042587",
                "20401314279349842696472127467346023494",
                "58641092593128708643172635878920152418",
                "280771017316264034671887132238518085575",
                "19990372765503467524968001331301281939",
                "179110673331745658810287801457264971941",
                "140192067915668296990168902469837168376",
                "307011229389070311551719304853758521377",
                "212480640102224068971200902653115441166",
                "46590104787032683560059265798308185862",
                "307768712828022067763005769666990670620",
                "316463297690179656575635397345891624830",
                "206040087157393221392540888227846668772",
                "310079654430003170789848802594536894521",
                "219495831189851249912951059032404877568",
                "191339659850355697568517389666263070964"
            ]
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dd4c2a174994238d55ab54da2545543d36f4e0d0",
        "target": {
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-9b75ea83"
    },
    {
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "279156372214556608512231237435236059297",
                "283902030631065763285685432304710678307",
                "230752985957335840651783974878799136255",
                "233081303864861340770377006017408238933",
                "234885127518086018420325375229794423615",
                "131780210206007488764601786141326194784",
                "286373890854406469018417487945178896734",
                "181913454152142033445087759191237644369",
                "31580212923107654971003129364005485939",
                "286828875939787619361964471324444948818",
                "202151189878396068248573688078552240065",
                "68606977793753959401732027030531753868",
                "255186122318265405630500057463286315834",
                "225988590866646179719255248049179408264",
                "31909044149789579167057866413025810078",
                "211944539703219060109325858269909880298",
                "146626243519630317334436483731199459070",
                "338786598652351200037469019230017250111",
                "332395793125000937781151176985332983363",
                "231318842165327632115946942753222618042",
                "32477080762499205488649277336863074606",
                "235974214545888992217234276402360203868",
                "263461672006236179923807250223929919328",
                "170988314592610390663677334195413191696",
                "148236060978540203095460311104888699627",
                "249275284486721274456768019298032023687",
                "6160123432217390888407867721371099681",
                "204773906738819694595062741485146950919",
                "329670538490907930645132132822636404879",
                "223399837746771489394088385911398502139",
                "116996736562500225105210143863420883963",
                "205503690130474882029442184172441888535",
                "89297209409502120224457708047485259559",
                "220415560932535252987937606147811903420",
                "191892219377054009933740733271461558493",
                "126019448641563508346055073844347052172",
                "113599040507268111124083440256540764096",
                "215388486556416517882521499568488474685",
                "308005496686327470865298052019507955245",
                "329670538490907930645132132822636404879",
                "73741288147117435310731330171706444666",
                "38106576356793704619342385373485105853",
                "48029212718566642207860996721236572252",
                "113599040507268111124083440256540764096",
                "184250810907440123895322672345763250628",
                "20391296081071077005825444145477510155",
                "116292715847871868343944633682138610252",
                "311048463144989679292031406550592149725",
                "261829300569431263498979059502733306605",
                "104351805273966457155083556365376237028",
                "74424233895791507396455529681508335292",
                "63200993075443684026818845734684459720",
                "106451200112620992854320918250488201671",
                "305417912018520965793770187461714774657",
                "43122813229404940664677733615067784460",
                "262952116145009729293880255226690334034",
                "122424806210519898565215594551827549391",
                "340243451748597829654921924533644025804",
                "203343451288578785714192437256911137578",
                "125203529658450503291335507049195991104",
                "168461229693657344646991954662784169646",
                "197719128049241574536606983766036217834",
                "182841646034541689034573244574037891476",
                "246139080303171741004881232048642763176",
                "261203416736819778179135854658884586924",
                "316974075529121744177893241535842748878",
                "143552543443887722315558892593450556336",
                "112271620735644904666740678576003992331",
                "222266493416745819578185253073291649136",
                "222633027280072577372524821282201111102",
                "283639774330279469962990569296736711778",
                "306493375046633698699803189742085988115",
                "312428998973492009168935504590644439800",
                "134753506322893563755936326371071621537",
                "73118028241062702688136186894670487429",
                "309900050111663182004242224410133993632",
                "295863025429119254874705904747268101874",
                "240930124915722883552019032183913764429",
                "305146292941540301282187075408036614727",
                "272311620320832029647674441682766882185",
                "211505414442691467863002176520959196776",
                "7153729065978809375038550843513747197",
                "144206772942348968764779453152189293587",
                "178033078426063829018945682196383924962",
                "186859510554803053757388743963955898318",
                "238164396208579691117822380985870670731",
                "225116616949227736312013577991985634561",
                "60845287338661500050112368196923736172",
                "169173142127124205795868404733238456960",
                "70562159684591418479242711274049042587",
                "20401314279349842696472127467346023494",
                "58641092593128708643172635878920152418",
                "280771017316264034671887132238518085575",
                "19990372765503467524968001331301281939",
                "179110673331745658810287801457264971941",
                "140192067915668296990168902469837168376",
                "307011229389070311551719304853758521377",
                "212480640102224068971200902653115441166",
                "46590104787032683560059265798308185862",
                "307768712828022067763005769666990670620",
                "316463297690179656575635397345891624830",
                "206040087157393221392540888227846668772",
                "310079654430003170789848802594536894521",
                "219495831189851249912951059032404877568",
                "191339659850355697568517389666263070964"
            ]
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e952837f3ddb0ff726d5b582aa1aad9aa38d024d",
        "target": {
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-9ffc50f9"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "249833093859073461996875793265170420091",
            "length": 222.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a16871c7832ea6435abb6e0b58289ae7dcb7e4fc",
        "target": {
            "function": "xfrm_dst_hash",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-a594ee76"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "242770382860211118619339550379001739778",
            "length": 877.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a16871c7832ea6435abb6e0b58289ae7dcb7e4fc",
        "target": {
            "function": "__xfrm_state_lookup_all",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-a8a4e196"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "212650462747842321617703440683663033221",
            "length": 249.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dd4c2a174994238d55ab54da2545543d36f4e0d0",
        "target": {
            "function": "xfrm_state_lookup",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-afa832fa"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "129407246862991504389378932612760784739",
            "length": 325.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e952837f3ddb0ff726d5b582aa1aad9aa38d024d",
        "target": {
            "function": "xfrm_state_lookup_byaddr",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-b3f767fd"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "249833093859073461996875793265170420091",
            "length": 222.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dd4c2a174994238d55ab54da2545543d36f4e0d0",
        "target": {
            "function": "xfrm_dst_hash",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-b5956681"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "253550986515242711512535014663500783280",
            "length": 124.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dd4c2a174994238d55ab54da2545543d36f4e0d0",
        "target": {
            "function": "xfrm_seq_hash",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-b8c40393"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "195455890935543236990446046820013192054",
            "length": 987.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a16871c7832ea6435abb6e0b58289ae7dcb7e4fc",
        "target": {
            "function": "xfrm_input_state_lookup",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-c03ccd3a"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "91343101511993640978724009302759401256",
            "length": 200.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e952837f3ddb0ff726d5b582aa1aad9aa38d024d",
        "target": {
            "function": "xfrm_src_hash",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-c7e32f2e"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "249833093859073461996875793265170420091",
            "length": 222.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e952837f3ddb0ff726d5b582aa1aad9aa38d024d",
        "target": {
            "function": "xfrm_dst_hash",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-d75ac9e4"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "212650462747842321617703440683663033221",
            "length": 249.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e952837f3ddb0ff726d5b582aa1aad9aa38d024d",
        "target": {
            "function": "xfrm_state_lookup",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-d9ee1c39"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "270583707014520316879938756506205431374",
            "length": 7433.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dd4c2a174994238d55ab54da2545543d36f4e0d0",
        "target": {
            "function": "xfrm_state_find",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-e6398e29"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "233488920900831361511840870421906362060",
            "length": 214.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a16871c7832ea6435abb6e0b58289ae7dcb7e4fc",
        "target": {
            "function": "xfrm_spi_hash",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-f477754e"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "91343101511993640978724009302759401256",
            "length": 200.0
        },
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a16871c7832ea6435abb6e0b58289ae7dcb7e4fc",
        "target": {
            "function": "xfrm_src_hash",
            "file": "net/xfrm/xfrm_state.c"
        },
        "id": "CVE-2024-57982-f75583f1"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.9.0
Fixed
6.12.13
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.13.2