CVE-2024-42265

protect the fetch of ->fd[fd] in do_dup2() from mispredictions

Description

In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being speculatively executed. That's wrong for the same reasons why it's wrong in close_fd()/file_close_fd_locked(); the same solution applies - array_index_nospec(fd, fdt->max_fds) could differ from fd only in case of speculative execution on mispredicted path.

N/A
CVSS
Severity:
EPSS 0.34%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/ed42e8ff509d2a61c6642d1825032072dab79f26
https://git.kernel.org/stable/c/41a6c31df77bd8e050136b0a200b537da9e1084a
https://git.kernel.org/stable/c/08775b3d6ed117cf4518754ec7300ee42b6a5368
https://git.kernel.org/stable/c/3f480493550b6a23d3a65d095d6569d4a7f56a0f
https://git.kernel.org/stable/c/5db999fff545b924b24c9afd368ef5c17279b176
https://git.kernel.org/stable/c/da72e783afd27d9f487836b2e6738146c0edd149
https://git.kernel.org/stable/c/1171ceccabfd596ca370c5d2cbb47d110c3f2fe1
https://git.kernel.org/stable/c/8aa37bde1a7b645816cda8b80df4753ecf172bf1

Frequently Asked Questions

What is the severity of CVE-2024-42265?
CVE-2024-42265 has not yet been assigned a CVSS score.
How to fix CVE-2024-42265?
To fix CVE-2024-42265, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-42265 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-42265 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-42265?
CVE-2024-42265 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.