Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: netlink: add nla be16/32 types to minlen array BUG: KMSAN: uninit-value in nla_validate_range_unsigned lib/nlattr.c:222 [inline] BUG: KMSAN: uninit-value in nla_validate_int_range lib/nlattr.c:336 [inline] BUG: KMSAN: uninit-value in validate_nla lib/nlattr.c:575 [inline] BUG: KMSAN: uninit-value in __nla_validate_parse+0x2e20/0x45c0 lib/nlattr.c:631 nla_validate_range_unsigned lib/nlattr.c:222 [inline] nla_validate_int_range lib/nlattr.c:336 [inline] validate_nla lib/nlattr.c:575 [inline] ... The message in question matches this policy: [NFTA_TARGET_REV] = NLA_POLICY_MAX(NLA_BE32, 255), but because NLA_BE32 size in minlen array is 0, the validation code will read past the malformed (too small) attribute. Note: Other attributes, e.g. BITFIELD32, SINT, UINT.. are also missing: those likely should be added too.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 6.1, < 6.1.81 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/000a68159c0326b46c42ec712ab98793e7e625a7
- https://git.kernel.org/stable/c/0ac219c4c3ab253f3981f346903458d20bacab32Patch
- https://git.kernel.org/stable/c/7a9d14c63b35f89563c5ecbadf918ad64979712dPatch
- https://git.kernel.org/stable/c/80b40f9cb87f3bf5877dfb852765cf92bc03ca77
- https://git.kernel.org/stable/c/9a0d18853c280f6a0ee99f91619f2442a17a323aPatch
- https://git.kernel.org/stable/c/a2ab028151841cd833cb53eb99427e0cc990112dPatch
- https://git.kernel.org/stable/c/0ac219c4c3ab253f3981f346903458d20bacab32Patch
- https://git.kernel.org/stable/c/7a9d14c63b35f89563c5ecbadf918ad64979712dPatch
- https://git.kernel.org/stable/c/9a0d18853c280f6a0ee99f91619f2442a17a323aPatch
- https://git.kernel.org/stable/c/a2ab028151841cd833cb53eb99427e0cc990112dPatch
FAQ
What is CVE-2024-26849?
CVE-2024-26849 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: netlink: add nla be16/32 types to minlen array BUG: KMSAN: uninit-value in nla_validate_range_unsigned lib/nlattr.c:222 [inline] B...
How severe is CVE-2024-26849?
CVE-2024-26849 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-26849?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.