{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-49571","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-01-11T12:33:33.704Z","datePublished":"2025-01-11T12:35:36.957Z","dateUpdated":"2025-11-03T20:41:09.035Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T09:39:27.664Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the field iparea_offset\nand the field ipv6_prefixes_cnt in proposal msg are from the\nremote client and can not be fully trusted. Especially the\nfield iparea_offset, once exceed the max value, there has the\nchance to access wrong address, and crash may happen.\n\nThis patch checks iparea_offset and ipv6_prefixes_cnt before using them."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/smc/af_smc.c","net/smc/smc_clc.c","net/smc/smc_clc.h"],"versions":[{"version":"e7b7a64a8493d47433fd003efbe6543e3f676294","lessThan":"846bada23bfcdeb83621b045ed85dc06c7833ff0","status":"affected","versionType":"git"},{"version":"e7b7a64a8493d47433fd003efbe6543e3f676294","lessThan":"f10635268a0a49ee902a3b63b5dbb76f4fed498e","status":"affected","versionType":"git"},{"version":"e7b7a64a8493d47433fd003efbe6543e3f676294","lessThan":"62056d1592e63d85e82357ee2ae6a6a294f440b0","status":"affected","versionType":"git"},{"version":"e7b7a64a8493d47433fd003efbe6543e3f676294","lessThan":"91a7c27c1444ed4677b83fd5308d2cf03f5f0851","status":"affected","versionType":"git"},{"version":"e7b7a64a8493d47433fd003efbe6543e3f676294","lessThan":"47ce46349672a7e0c361bfe39ed0b22e824ef4fb","status":"affected","versionType":"git"},{"version":"e7b7a64a8493d47433fd003efbe6543e3f676294","lessThan":"a29e220d3c8edbf0e1beb0f028878a4a85966556","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/smc/af_smc.c","net/smc/smc_clc.c","net/smc/smc_clc.h"],"versions":[{"version":"4.16","status":"affected"},{"version":"0","lessThan":"4.16","status":"unaffected","versionType":"semver"},{"version":"5.10.233","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.176","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.122","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.68","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.7","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.13","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"5.10.233"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"5.15.176"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"6.1.122"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"6.6.68"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"6.12.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"6.13"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/846bada23bfcdeb83621b045ed85dc06c7833ff0"},{"url":"https://git.kernel.org/stable/c/f10635268a0a49ee902a3b63b5dbb76f4fed498e"},{"url":"https://git.kernel.org/stable/c/62056d1592e63d85e82357ee2ae6a6a294f440b0"},{"url":"https://git.kernel.org/stable/c/91a7c27c1444ed4677b83fd5308d2cf03f5f0851"},{"url":"https://git.kernel.org/stable/c/47ce46349672a7e0c361bfe39ed0b22e824ef4fb"},{"url":"https://git.kernel.org/stable/c/a29e220d3c8edbf0e1beb0f028878a4a85966556"}],"title":"net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T20:41:09.035Z"}}]}}