Out-of-Bounds Read in Linux Kernel's XFRM Implementation
CVE-2024-57982
Summary
A vulnerability in the Linux kernel's XFRM implementation allows an out-of-bounds read during state lookups when multiple processes access the same state concurrently. The issue stems from an inconsistency between the hash function and the state hash mask, which can lead to undefined behavior. It has been addressed by prefetching the hash state mask and pointers so that they remain consistent throughout the lookup. Users should apply security patches promptly to mitigate the associated risks.
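A simplified model of the race described above, added here as an illustration and not the kernel's own code: the bucket array, mask, hash, concurrent resize and index check are all constructed for this example. The vulnerable lookup takes the table pointer and re-reads the mask afterwards; the fixed lookup reads both together up front, mirroring the prefetching the summary describes.

```c
#include <stdint.h>
#include <stdlib.h>

/* Simplified model, not kernel code: array and mask are separate fields. */
struct state_hash {
    uint32_t *bydst;     /* bucket array with hmask + 1 entries */
    unsigned int hmask;  /* current table size - 1 */
};

/* Reduce a key to a bucket index with the given mask (constructed hash). */
static unsigned int key_to_bucket(uint32_t key, unsigned int hmask)
{
    return (key * 2654435761u) & hmask;
}

/* Concurrent writer: grow to 1024 buckets. The old array is left alive on
 * purpose: the real code defers freeing it, so a reader mid-lookup holds it. */
static void grow_to_1024(struct state_hash *h)
{
    h->bydst = calloc(1024, sizeof(uint32_t));
    h->hmask = 1023;
}

/* Vulnerable pattern: take the table pointer, re-read the mask later. A resize
 * in between yields a new-mask index into the old, smaller array (returns 1). */
static int lookup_racy_oob(struct state_hash *h, uint32_t key,
                           void (*concurrent)(struct state_hash *))
{
    uint32_t *table = h->bydst;                  /* old array */
    unsigned int held_entries = h->hmask + 1;    /* its real size */
    if (concurrent) concurrent(h);               /* resize slips in here */
    unsigned int idx = key_to_bucket(key, h->hmask); /* re-read: new mask */
    (void)table;                                 /* would read table[idx] */
    return idx >= held_entries;
}
/* Fixed pattern: read mask and pointer together once; index and array then match. */
static int lookup_fixed_oob(struct state_hash *h, uint32_t key,
                            void (*concurrent)(struct state_hash *))
{
    struct state_hash snap = *h;                 /* consistent pair */
    if (concurrent) concurrent(h);               /* no longer matters */
    return key_to_bucket(key, snap.hmask) >= snap.hmask + 1;
}
/* Scenario: 8-bucket table, key 1, grow lands mid-lookup; returns the OOB flag. */
static int run_scenario(int use_fixed)
{
    struct state_hash h = { calloc(8, sizeof(uint32_t)), 7 };
    return use_fixed ? lookup_fixed_oob(&h, 1, grow_to_1024)
                     : lookup_racy_oob(&h, 1, grow_to_1024);
}
```

With key 1 the racy lookup computes bucket 433 against an 8-entry array, while the fixed lookup stays at bucket 1.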
Affected Version(s)
Linux c2f672fc94642bae96821a393f342edcfa9794a6
References
Timeline
Vulnerability published
Vulnerability Reserved