In the Linux kernel, the following vulnerability has been resolved:

net_sched: keep alloc_hash updated after hash allocation

In commit 599be01ee567 ("net_sched: fix an OOB access in cls_tcindex") I moved cp->hash calculation before the first tcindex_alloc_perfect_hash(), but cp->alloc_hash is left untouched. This difference could lead to another out-of-bounds access.

cp->alloc_hash should always be the size allocated; we should update it after this tcindex_alloc_perfect_hash().
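
The invariant described above, as an added userspace model that is not the kernel's code or the patch itself: a recorded size that goes stale after a reallocation tells any loop bounded by it to walk past the table. Only `hash`, `alloc_hash` and `perfect` echo the advisory; `real_len`, `set_parms`, `overrun` and the sizes 16 and 4 are constructed for illustration, as is the assumption that the stale value is carried over from an earlier parameter set.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified model; names other than hash/alloc_hash/perfect are hypothetical. */
struct params {
    unsigned hash;       /* table size requested by the new config */
    unsigned alloc_hash; /* size the code believes is allocated */
    int *perfect;        /* the table itself */
    unsigned real_len;   /* model-only ground truth for the check */
};

static int alloc_perfect(struct params *cp)
{
    cp->perfect = calloc(cp->hash, sizeof(*cp->perfect));
    if (!cp->perfect)
        return -1;
    cp->real_len = cp->hash;
    return 0;
}

/* Build cp from old with a new size; sync selects fixed vs. stale. */
static int set_parms(struct params *cp, const struct params *old,
                     unsigned new_hash, int sync)
{
    cp->alloc_hash = old->alloc_hash; /* assumption: carried over */
    cp->hash = new_hash;              /* computed before allocating */
    if (alloc_perfect(cp) < 0)
        return -1;
    if (sync)
        cp->alloc_hash = cp->hash;    /* record what was allocated */
    return 0;
}

/* Entries a loop bounded by alloc_hash would touch past the table. */
static unsigned overrun(const struct params *cp)
{
    return cp->alloc_hash > cp->real_len ? cp->alloc_hash - cp->real_len : 0;
}

int main(void)
{
    struct params old = { .hash = 16, .alloc_hash = 16 }, a = {0}, b = {0};
    if (set_parms(&a, &old, 4, 0) || set_parms(&b, &old, 4, 1))
        return 1;
    printf("stale: %u past end, synced: %u past end\n", overrun(&a), overrun(&b));
    free(a.perfect);
    free(b.perfect);
    return 0;
}
```

The model only counts the entries that would be out of bounds; it never dereferences them.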

| Software | From | Fixed in |
|---|---|---|
| linux / linux_kernel | 4.4.214 | 4.4.218 |
| linux / linux_kernel | 4.9.214 | 4.9.218 |
| linux / linux_kernel | 4.14.171 | 4.14.175 |
| linux / linux_kernel | 4.19.103 | 4.19.114 |
| linux / linux_kernel | 5.4.19 | 5.4.29 |
| linux / linux_kernel | 5.5.3 | 5.5.14 |
| linux / linux_kernel | 5.6-rc1 | 5.6-rc1.x |
| linux / linux_kernel | 5.6-rc2 | 5.6-rc2.x |
| linux / linux_kernel | 5.6-rc3 | 5.6-rc3.x |
| linux / linux_kernel | 5.6-rc4 | 5.6-rc4.x |
| linux / linux_kernel | 5.6-rc5 | 5.6-rc5.x |
| linux / linux_kernel | 5.6-rc6 | 5.6-rc6.x |
| linux / linux_kernel | 5.6-rc7 | 5.6-rc7.x |