{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-57930","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-01-19T11:50:08.376Z","datePublished":"2025-01-21T12:01:27.807Z","dateUpdated":"2025-11-03T20:55:59.231Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T10:06:53.594Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Have process_string() also allow arrays\n\nIn order to catch a common bug where a TRACE_EVENT() TP_fast_assign()\nassigns an address of an allocated string to the ring buffer and then\nreferences it in TP_printk(), which can be executed hours later when the\nstring is free, the function test_event_printk() runs on all events as\nthey are registered to make sure there's no unwanted dereferencing.\n\nIt calls process_string() to handle cases in TP_printk() format that has\n\"%s\". It returns whether or not the string is safe. But it can have some\nfalse positives.\n\nFor instance, xe_bo_move() has:\n\n TP_printk(\"move_lacks_source:%s, migrate object %p [size %zu] from %s to %s device_id:%s\",\n            __entry->move_lacks_source ? \"yes\" : \"no\", __entry->bo, __entry->size,\n            xe_mem_type_to_name[__entry->old_placement],\n            xe_mem_type_to_name[__entry->new_placement], __get_str(device_id))\n\nWhere the \"%s\" references into xe_mem_type_to_name[]. This is an array of\npointers that should be safe for the event to access. Instead of flagging\nthis as a bad reference, if a reference points to an array, where the\nrecord field is the index, consider it safe."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["kernel/trace/trace_events.c"],"versions":[{"version":"85d7635d54d75a2589f28583dc17feedc3aa4ad6","lessThan":"3bcdc9039a6e9e6e47ed689a37b8d57894a3c571","status":"affected","versionType":"git"},{"version":"f3ff759ec636b4094b8eb2c3801e4e6c97a6b712","lessThan":"631b1e09e213c86d5a4ce23d45c81af473bb0ac7","status":"affected","versionType":"git"},{"version":"2f6ad0b613cd45cca48e6eb04f65351db018afb0","lessThan":"a64e5295ebc4afdefe69cdf16cc286a60ff8ba4b","status":"affected","versionType":"git"},{"version":"683eccacc02d2eb25d1c34b8fb0363fcc7e08f64","lessThan":"92bd18c74624e5eb9f96e70076aa46293f4b626f","status":"affected","versionType":"git"},{"version":"65a25d9f7ac02e0cf361356e834d1c71d36acca9","lessThan":"afc6717628f959941d7b33728570568b4af1c4b8","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["kernel/trace/trace_events.c"],"versions":[{"version":"6.1.122","lessThan":"6.1.124","status":"affected","versionType":"semver"},{"version":"6.6.68","lessThan":"6.6.70","status":"affected","versionType":"semver"},{"version":"6.12.7","lessThan":"6.12.9","status":"affected","versionType":"semver"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.122","versionEndExcluding":"6.1.124"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.68","versionEndExcluding":"6.6.70"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.12.7","versionEndExcluding":"6.12.9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3bcdc9039a6e9e6e47ed689a37b8d57894a3c571"},{"url":"https://git.kernel.org/stable/c/631b1e09e213c86d5a4ce23d45c81af473bb0ac7"},{"url":"https://git.kernel.org/stable/c/a64e5295ebc4afdefe69cdf16cc286a60ff8ba4b"},{"url":"https://git.kernel.org/stable/c/92bd18c74624e5eb9f96e70076aa46293f4b626f"},{"url":"https://git.kernel.org/stable/c/afc6717628f959941d7b33728570568b4af1c4b8"}],"title":"tracing: Have process_string() also allow arrays","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T20:55:59.231Z"}}]}}