{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-41024", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-12T12:17:45.615Z", "datePublished": "2024-07-29T14:31:41.257Z", "dateUpdated": "2024-11-05T09:35:12.148Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:35:12.148Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Restrict untrusted app to attach to privileged PD\n\nUntrusted application with access to only non-secure fastrpc device\nnode can attach to root_pd or static PDs if it can make the respective\ninit request. This can cause problems as the untrusted application\ncan send bad requests to root_pd or static PDs. Add changes to reject\nattach to privileged PDs if the request is being made using non-secure\nfastrpc device node."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/misc/fastrpc.c", "include/uapi/misc/fastrpc.h"], "versions": [{"version": "0871561055e6", "lessThan": "5e305b5986dc", "status": "affected", "versionType": "git"}, {"version": "0871561055e6", "lessThan": "ea13bd807f1c", "status": "affected", "versionType": "git"}, {"version": "0871561055e6", "lessThan": "c69fd8afaceb", "status": "affected", "versionType": "git"}, {"version": "0871561055e6", "lessThan": "bab2f5e8fd5d", "status": "affected", "versionType": "git"}, {"version": "0871561055e6", "lessThan": "2eb973ee4770", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/misc/fastrpc.c", "include/uapi/misc/fastrpc.h"], "versions": [{"version": "6.2", "status": "affected"}, {"version": "0", "lessThan": "6.2", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.41", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.48", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.10", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}, {"version": "6.10.7", "lessThanOrEqual": "6.10.*", "status": "unaffected", "versionType": "semver"}]}], "references": [{"url": "https://git.kernel.org/stable/c/5e305b5986dc52122a9368a1461f0c13e1de3fd6"}, {"url": "https://git.kernel.org/stable/c/ea13bd807f1cef1af375d999980a9b9794c789b6"}, {"url": "https://git.kernel.org/stable/c/c69fd8afacebfdf2f8a1ee1ea7e0723786529874"}, {"url": "https://git.kernel.org/stable/c/bab2f5e8fd5d2f759db26b78d9db57412888f187"}, {"url": "https://git.kernel.org/stable/c/2eb973ee4770a26d9b5e292b58ad29822d321c7f"}], "title": "misc: fastrpc: Restrict untrusted app to attach to privileged PD", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:39:56.178Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/5e305b5986dc52122a9368a1461f0c13e1de3fd6", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c69fd8afacebfdf2f8a1ee1ea7e0723786529874", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bab2f5e8fd5d2f759db26b78d9db57412888f187", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-41024", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:24:15.824922Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:04.740Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/5e305b5986dc52122a9368a1461f0c13e1de3fd6", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c69fd8afacebfdf2f8a1ee1ea7e0723786529874", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bab2f5e8fd5d2f759db26b78d9db57412888f187", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:39:56.178Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-41024", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:24:15.824922Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:20.521Z"}}], "cna": {"title": "misc: fastrpc: Restrict untrusted app to attach to privileged PD", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "0871561055e6", "lessThan": "5e305b5986dc", "versionType": "git"}, {"status": "affected", "version": "0871561055e6", "lessThan": "ea13bd807f1c", "versionType": "git"}, {"status": "affected", "version": "0871561055e6", "lessThan": "c69fd8afaceb", "versionType": "git"}, {"status": "affected", "version": "0871561055e6", "lessThan": "bab2f5e8fd5d", "versionType": "git"}, {"status": "affected", "version": "0871561055e6", "lessThan": "2eb973ee4770", "versionType": "git"}], "programFiles": ["drivers/misc/fastrpc.c", "include/uapi/misc/fastrpc.h"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.2"}, {"status": "unaffected", "version": "0", "lessThan": "6.2", "versionType": "semver"}, {"status": "unaffected", "version": "6.6.41", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.6.48", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.9.10", "versionType": "semver", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}, {"status": "unaffected", "version": "6.10.7", "versionType": "semver", "lessThanOrEqual": "6.10.*"}], "programFiles": ["drivers/misc/fastrpc.c", "include/uapi/misc/fastrpc.h"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/5e305b5986dc52122a9368a1461f0c13e1de3fd6"}, {"url": "https://git.kernel.org/stable/c/ea13bd807f1cef1af375d999980a9b9794c789b6"}, {"url": "https://git.kernel.org/stable/c/c69fd8afacebfdf2f8a1ee1ea7e0723786529874"}, {"url": "https://git.kernel.org/stable/c/bab2f5e8fd5d2f759db26b78d9db57412888f187"}, {"url": "https://git.kernel.org/stable/c/2eb973ee4770a26d9b5e292b58ad29822d321c7f"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Restrict untrusted app to attach to privileged PD\n\nUntrusted application with access to only non-secure fastrpc device\nnode can attach to root_pd or static PDs if it can make the respective\ninit request. This can cause problems as the untrusted application\ncan send bad requests to root_pd or static PDs. Add changes to reject\nattach to privileged PDs if the request is being made using non-secure\nfastrpc device node."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:35:12.148Z"}}}, "cveMetadata": {"cveId": "CVE-2024-41024", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:35:12.148Z", "dateReserved": "2024-07-12T12:17:45.615Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-29T14:31:41.257Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Restrict untrusted app to attach to privileged PD\n\nUntrusted application with access to only non-secure fastrpc device\nnode can attach to root_pd or static PDs if it can make the respective\ninit request. This can cause problems as the untrusted application\ncan send bad requests to root_pd or static PDs. Add changes to reject\nattach to privileged PDs if the request is being made using non-secure\nfastrpc device node."}, {"lang": "es", "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: misc: fastrpc: restringe la aplicaci\u00f3n que no es de confianza para que se conecte a un PD privilegiado. La aplicaci\u00f3n que no es de confianza con acceso \u00fanicamente al nodo de dispositivo fastrpc no seguro puede conectarse a root_pd o a PD est\u00e1ticos si puede realizar el inicio respectivo. pedido. Esto puede causar problemas ya que la aplicaci\u00f3n que no es de confianza puede enviar solicitudes incorrectas a root_pd o PD est\u00e1ticos. Agregue cambios para rechazar la conexi\u00f3n a PD privilegiados si la solicitud se realiza mediante un nodo de dispositivo fastrpc no seguro."}], "id": "CVE-2024-41024", "lastModified": "2024-08-29T17:15:07.913", "metrics": {}, "published": "2024-07-29T15:15:11.270", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2eb973ee4770a26d9b5e292b58ad29822d321c7f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5e305b5986dc52122a9368a1461f0c13e1de3fd6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/bab2f5e8fd5d2f759db26b78d9db57412888f187"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c69fd8afacebfdf2f8a1ee1ea7e0723786529874"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ea13bd807f1cef1af375d999980a9b9794c789b6"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: misc: fastrpc: Restrict untrusted app to attach to privileged PD", "id": "2300382", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300382"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-20", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nmisc: fastrpc: Restrict untrusted app to attach to privileged PD\nUntrusted application with access to only non-secure fastrpc device\nnode can attach to root_pd or static PDs if it can make the respective\ninit request. This can cause problems as the untrusted application\ncan send bad requests to root_pd or static PDs. Add changes to reject\nattach to privileged PDs if the request is being made using non-secure\nfastrpc device node.", "A vulnerability was found in the Linux kernel's `fastrpc` driver at allows untrusted applications with access to non-secure `fastrpc` device nodes to attach to privileged Processing Domains (PDs) such as `root_pd` or static PDs. This could lead to unauthorized access and potential exploitation."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-41024", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-41024\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-41024\nhttps://lore.kernel.org/linux-cve-announce/2024072919-CVE-2024-41024-be39@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate", "upstream_fix": "kernel 6.6.41, kernel 6.9.10, kernel 6.10"}