CVE-2024-36244
Published: Jun 21, 2024
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

net/sched: taprio: extend minimum interval restriction to entire cycle too

It is possible for syzbot to side-step the restriction imposed by the blamed commit in the Fixes: tag, because the taprio UAPI permits a cycle-time different from (and potentially shorter than) the sum of entry intervals.

We need one more restriction, which is that the cycle time itself must be larger than N * ETH_ZLEN bit times, where N is the number of schedule entries. This restriction needs to apply regardless of whether the cycle time came from the user or was the implicit, auto-calculated value, so we move the existing "cycle == 0" check outside the "if (!new->cycle_time)" branch. This way covers both conditions and scenarios.

Add a selftest which illustrates the issue triggered by syzbot.
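The validation order the description calls for, as an added example that is not the kernel's code: a simplified user-space model in which `struct sched_model`, `validate_schedule()` and the link speed parameter are hypothetical names, and the per-entry check stands in for the earlier minimum interval restriction.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

#define ETH_ZLEN 60 /* minimum Ethernet frame length in bytes (no FCS) */

/* Simplified model of a schedule; not the kernel's own structure. */
struct sched_model {
    const uint32_t *intervals_ns; /* one interval per schedule entry */
    uint32_t num_entries;         /* N */
    int64_t cycle_time_ns;        /* 0 means "not supplied by the user" */
};

/* Returns 0 and stores the effective cycle time, or -EINVAL. */
static int validate_schedule(const struct sched_model *s, uint32_t speed_mbps,
                             int64_t *cycle_out)
{
    int64_t min_ns, sum = 0, cycle;

    if (s->num_entries == 0 || speed_mbps == 0)
        return -EINVAL;
    /* Time to send ETH_ZLEN bytes at the assumed link speed. */
    min_ns = (int64_t)ETH_ZLEN * 8 * 1000 / speed_mbps;

    for (uint32_t i = 0; i < s->num_entries; i++) {
        if (s->intervals_ns[i] < min_ns)   /* per-entry minimum */
            return -EINVAL;
        sum += s->intervals_ns[i];
    }
    /* Implicit value: the sum of entry intervals. */
    cycle = s->cycle_time_ns ? s->cycle_time_ns : sum;

    /* Both checks sit outside the branch above, so they apply to a
     * user-supplied cycle time as well as to the auto-calculated one. */
    if (cycle <= 0)
        return -EINVAL;
    if (cycle < (int64_t)s->num_entries * min_ns)
        return -EINVAL;
    *cycle_out = cycle;
    return 0;
}

int main(void)
{
    static const uint32_t iv[] = { 500, 500 }; /* constructed sample */
    struct sched_model s = { iv, 2, 600 };     /* cycle shorter than the sum */
    int64_t cycle = 0;
    printf("%d\n", validate_schedule(&s, 1000, &cycle));
    return 0;
}
```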
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected b5b73b26b3ca34574124ed7ae9c5ba8391a7f176 - < 34d83c3e6e97867ae061d14eb52123404aab1cbc; affected b5b73b26b3ca34574124ed7ae9c5ba8391a7f176 - < b939d1e04a90248b4cdf417b0969c270ceb992b2; affected b5b73b26b3ca34574124ed7ae9c5ba8391a7f176 - < 91f249b01fe490fce11fbb4307952ca8cce78724; affected b5b73b26b3ca34574124ed7ae9c5ba8391a7f176 - < fb66df20a7201e60f2b13d7f95d031b31a8831d3; affected 83bd58952b2b8543d8c48d1453975ab47a0a7504; +3 more versions |
| Linux | Linux | affected 5.9; unaffected 0 - < 5.9; unaffected 6.1.119 - <= 6.1.*; unaffected 6.6.33 - <= 6.6.*; unaffected 6.9.4 - <= 6.9.*; +1 more versions |