CVE-2024-42265
Published: Aug 17, 2024
Modified: May 12, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being speculatively executed. That's wrong for the same reasons why it's wrong in close_fd()/file_close_fd_locked(); the same solution applies - array_index_nospec(fd, fdt->max_fds) could differ from fd only in case of speculative execution on mispredicted path.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 8280d16172243702ed43432f826ca6130edb4086 - < ed42e8ff509d2a61c6642d1825032072dab79f26affected 8280d16172243702ed43432f826ca6130edb4086 - < 41a6c31df77bd8e050136b0a200b537da9e1084aaffected 8280d16172243702ed43432f826ca6130edb4086 - < 08775b3d6ed117cf4518754ec7300ee42b6a5368affected 8280d16172243702ed43432f826ca6130edb4086 - < 3f480493550b6a23d3a65d095d6569d4a7f56a0faffected 8280d16172243702ed43432f826ca6130edb4086 - < 5db999fff545b924b24c9afd368ef5c17279b176+3 more versions |
Linux | Linux | affected 3.7unaffected 0 - < 3.7unaffected 4.19.320 - <= 4.19.*unaffected 5.4.282 - <= 5.4.*unaffected 5.10.224 - <= 5.10.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now