{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T07:02:20.283","vulnerabilities":[{"cve":{"id":"CVE-2024-57900","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-01-15T13:15:14.633","lastModified":"2025-11-03T21:18:40.100","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nila: serialize calls to nf_register_net_hooks()\n\nsyzbot found a race in ila_add_mapping() [1]\n\ncommit 031ae72825ce (\"ila: call nf_unregister_net_hooks() sooner\")\nattempted to fix a similar issue.\n\nLooking at the syzbot repro, we have concurrent ILA_CMD_ADD commands.\n\nAdd a mutex to make sure at most one thread is calling nf_register_net_hooks().\n\n[1]\n BUG: KASAN: slab-use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: slab-use-after-free in __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\nRead of size 4 at addr ffff888028f40008 by task dhcpcd/5501\n\nCPU: 1 UID: 0 PID: 5501 Comm: dhcpcd Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n <IRQ>\n  __dump_stack lib/dump_stack.c:94 [inline]\n  dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n  print_address_description mm/kasan/report.c:378 [inline]\n  print_report+0xc3/0x620 mm/kasan/report.c:489\n  kasan_report+0xd9/0x110 mm/kasan/report.c:602\n  rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n  __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\n  rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n  rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n  ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:127 [inline]\n  ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n  ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:185\n  nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n  nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626\n  nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269\n  NF_HOOK include/linux/netfilter.h:312 [inline]\n  ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309\n  __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5672\n  __netif_receive_skb+0x1d/0x160 net/core/dev.c:5785\n  process_backlog+0x443/0x15f0 net/core/dev.c:6117\n  __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6883\n  napi_poll net/core/dev.c:6952 [inline]\n  net_rx_action+0xa94/0x1010 net/core/dev.c:7074\n  handle_softirqs+0x213/0x8f0 kernel/softirq.c:561\n  __do_softirq kernel/softirq.c:595 [inline]\n  invoke_softirq kernel/softirq.c:435 [inline]\n  __irq_exit_rcu+0x109/0x170 kernel/softirq.c:662\n  irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n  instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n  sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049"},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ila: serializar llamadas a nf_register_net_hooks() syzbot encontró una carrera en ila_add_mapping() [1] la confirmación 031ae72825ce (\"ila: llamar a nf_unregister_net_hooks() antes\") intentó solucionar un problema similar. Al observar la reproducción de syzbot, tenemos comandos ILA_CMD_ADD simultáneos. Agregue un mutex para asegurarse de que, como máximo, un hilo esté llamando a nf_register_net_hooks(). [1] ERROR: KASAN: slab-use-after-free en rht_key_hashfn include/linux/rhashtable.h:159 [en línea] ERROR: KASAN: slab-use-after-free en __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604 Lectura de tamaño 4 en la dirección ffff888028f40008 por la tarea dhcpcd/5501 CPU: 1 UID: 0 PID: 5501 Comm: dhcpcd No contaminado 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 13/09/2024 Seguimiento de llamadas:  __dump_stack lib/dump_stack.c:94 [en línea] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:378 [en línea] print_report+0xc3/0x620 mm/kasan/report.c:489 kasan_report+0xd9/0x110 mm/kasan/report.c:602 rht_key_hashfn include/linux/rhashtable.h:159 [en línea] __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604 rhashtable_lookup include/linux/rhashtable.h:646 [en línea] rhashtable_lookup_fast include/linux/rhashtable.h:672 [en línea] ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:127 [en línea] ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [en línea] ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:185 nf_hook_entry_hookfn include/linux/netfilter.h:154 [en línea] nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626 nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269 NF_HOOK include/linux/netfilter.h:312 [en línea] ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309 __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5672 __netif_receive_skb+0x1d/0x160 net/core/dev.c:5785 process_backlog+0x443/0x15f0 net/core/dev.c:6117 __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6883 napi_poll net/core/dev.c:6952 [en línea] net_rx_action+0xa94/0x1010 net/core/dev.c:7074 handle_softirqs+0x213/0x8f0 kernel/softirq.c:561 __do_softirq kernel/softirq.c:595 [en línea] invoke_softirq kernel/softirq.c:435 [en línea] __irq_exit_rcu+0x109/0x170 kernel/softirq.c:662 irq_exit_rcu+0x9/0x30 kernel/softirq.c:678 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [en línea] sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5","versionEndExcluding":"5.4.289","matchCriteriaId":"2704A089-B6A5-4F12-9387-0878A5A9C054"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.233","matchCriteriaId":"44569A17-FE4C-4BE3-9C0C-74AC54C7B51B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.176","matchCriteriaId":"DDBD8FC6-2357-4347-BFA1-B4A4A3039F35"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.124","matchCriteriaId":"1B69CE1B-5219-42EB-B7DD-7E7D7F1DB032"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.70","matchCriteriaId":"51E6CFF2-92AA-4936-95AB-2D068168A696"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.9","matchCriteriaId":"1D13AF97-FFED-4B68-906D-CFE38D0B88DD"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*","matchCriteriaId":"62567B3C-6CEE-46D0-BC2E-B3717FBF7D13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*","matchCriteriaId":"5A073481-106D-4B15-B4C7-FB0213B8E1D4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*","matchCriteriaId":"DE491969-75AE-4A6B-9A58-8FC5AF98798F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*","matchCriteriaId":"93C0660D-7FB8-4FBA-892A-B064BA71E49E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*","matchCriteriaId":"034C36A6-C481-41F3-AE9A-D116E5BE6895"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1638f430f8900f2375f5de45508fbe553997e190","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/17e8fa894345e8d2c7a7642482267b275c3d4553","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/260466b576bca0081a7d4acecc8e93687aa22d0e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3d1b63cf468e446b9feaf4e4e73182b9cc82f460","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ad0677c37c14fa28913daea92d139644d7acf04e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d3017895e393536b234cf80a83fc463c08a28137","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/eba25e21dce7ec70e2b3f121b2f3a25a4ec43eca","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}