Bug 1182404 (CVE-2020-24504)

Summary: VUL-1: CVE-2020-24504: kernel-source-rt,kernel-source,kernel-source-azure: i810: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable
Product: [Novell Products] SUSE Security Incidents Reporter: Marcus Meissner <meissner>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: NEW --- QA Contact: Security Team bot <security-team>
Severity: Minor    
Priority: P4 - Low CC: bpetkov, carnil, lihong.yang, shung-hsi.yu, smash_bz, tbogendoerfer, tiwai
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/278168/
Whiteboard: CVSSv3.1:SUSE:CVE-2020-24504:6.5:(AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Marcus Meissner 2021-02-18 09:15:41 UTC
CVE-2020-24504

Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers
for Linux before version 1.0.4 may allow an authenticated user to potentially
enable denial of service via local access.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24504
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html
Comment 2 Thomas Bogendoerfer 2021-03-16 13:06:17 UTC
Lihong, 

as the CVE is for the out of box driver, is the upstream driver also affected ? If yes, can you help identify the patches fixing the issues ?
Comment 3 LIHONG YANG 2021-03-17 02:02:21 UTC
Hi Thomas,
Let me check with our ice driver team on this CVE and get back to you. I will keep you posted. 

Thanks,
Lihong
Comment 4 Salvatore Bonaccorso 2021-03-28 13:23:37 UTC
Was there any further information in this? Do the issues from INTEL-SA-00462 affect the driver in Linux as well?
Comment 5 LIHONG YANG 2021-04-01 18:13:47 UTC
Hi,
Sorry about the delay! We are currently working on a document that we can share with partners. Once it is approved, I will attach here. 

Thanks,
Lihong
Comment 6 LIHONG YANG 2021-04-06 21:02:00 UTC
I just got the approval to identify the commit(s) at Linux upstream. For the CVE related fix for ice driver that is not in the SLES release yet is this commit[1]:

b126bd6bcd67 ice: create scheduler aggregator node config and move VSIs 2021-02-08

Thanks,
Lihong

[1] https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/drivers/net/ethernet/intel/ice?id=b126bd6bcd6710aa984104e979a5c930f44561b4
Comment 7 Thomas Bogendoerfer 2021-12-17 09:29:54 UTC
(In reply to LIHONG YANG from comment #6)
> I just got the approval to identify the commit(s) at Linux upstream. For the
> CVE related fix for ice driver that is not in the SLES release yet is this
> commit[1]:
> 
> b126bd6bcd67 ice: create scheduler aggregator node config and move VSIs
> 2021-02-08
> 
> Thanks,
> Lihong
> 
> [1]
> https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/
> drivers/net/ethernet/intel/ice?id=b126bd6bcd6710aa984104e979a5c930f44561b4

are you sure about the commit ? I don't see anything in that patch, which relates to the described problem...
Comment 9 LIHONG YANG 2022-01-04 20:07:59 UTC
Hi Thomas,
Yes, I confirmed this patch is the one to address the identified CVE. The commit message implies the problem solved.
Comment 15 Swamp Workflow Management 2022-01-11 20:19:48 UTC
openSUSE-SU-2022:0056-1: An update that solves 14 vulnerabilities and has 62 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179424,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1189158,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192691,1192845,1192847,1192874,1192877,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094,1194266
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-38.34.1, kernel-source-azure-5.3.18-38.34.1, kernel-syms-azure-5.3.18-38.34.1
Comment 16 Swamp Workflow Management 2022-01-11 20:27:53 UTC
SUSE-SU-2022:0056-1: An update that solves 14 vulnerabilities and has 62 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179424,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1189158,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192691,1192845,1192847,1192874,1192877,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094,1194266
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-38.34.1, kernel-source-azure-5.3.18-38.34.1, kernel-syms-azure-5.3.18-38.34.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 17 Swamp Workflow Management 2022-01-14 14:21:36 UTC
SUSE-SU-2022:0079-1: An update that solves 14 vulnerabilities, contains four features and has 58 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192845,1192847,1192877,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094,1194266
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: ECO-3666,SLE-17823,SLE-20042,SLE-23139
Sources used:
SUSE MicroOS 5.1 (src):    kernel-rt-5.3.18-68.1
SUSE Linux Enterprise Module for Realtime 15-SP3 (src):    kernel-rt-5.3.18-68.1, kernel-rt_debug-5.3.18-68.1, kernel-source-rt-5.3.18-68.1, kernel-syms-rt-5.3.18-68.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 18 Swamp Workflow Management 2022-01-19 20:22:41 UTC
SUSE-SU-2022:0131-1: An update that solves 13 vulnerabilities, contains one feature and has 61 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179424,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1189158,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192691,1192845,1192847,1192874,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: SLE-22574
Sources used:
SUSE MicroOS 5.1 (src):    kernel-default-5.3.18-59.40.1, kernel-default-base-5.3.18-59.40.1.18.25.1
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-59.40.1, kernel-preempt-5.3.18-59.40.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-59.40.1, kernel-livepatch-SLE15-SP3_Update_11-1-7.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-59.40.1
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-59.40.1, kernel-obs-build-5.3.18-59.40.1, kernel-preempt-5.3.18-59.40.1, kernel-source-5.3.18-59.40.1, kernel-syms-5.3.18-59.40.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-59.40.1, kernel-default-5.3.18-59.40.1, kernel-default-base-5.3.18-59.40.1.18.25.1, kernel-preempt-5.3.18-59.40.1, kernel-source-5.3.18-59.40.1, kernel-zfcpdump-5.3.18-59.40.1
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-59.40.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 19 Swamp Workflow Management 2022-01-19 20:31:14 UTC
openSUSE-SU-2022:0131-1: An update that solves 13 vulnerabilities, contains one feature and has 61 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179424,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1189158,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192691,1192845,1192847,1192874,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: SLE-22574
Sources used:
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-59.40.1, kernel-64kb-5.3.18-59.40.1, kernel-debug-5.3.18-59.40.1, kernel-default-5.3.18-59.40.1, kernel-default-base-5.3.18-59.40.1.18.25.1, kernel-docs-5.3.18-59.40.1, kernel-kvmsmall-5.3.18-59.40.1, kernel-obs-build-5.3.18-59.40.1, kernel-obs-qa-5.3.18-59.40.1, kernel-preempt-5.3.18-59.40.1, kernel-source-5.3.18-59.40.1, kernel-syms-5.3.18-59.40.1, kernel-zfcpdump-5.3.18-59.40.1
Comment 20 Swamp Workflow Management 2022-03-01 20:28:09 UTC
openSUSE-SU-2022:0056-1: An update that solves 17 vulnerabilities and has 62 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179424,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1189158,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192691,1192845,1192847,1192874,1192877,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094,1194175,1194176,1194177,1194266
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486,CVE-2022-23096,CVE-2022-23097,CVE-2022-23098
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-38.34.1, kernel-source-azure-5.3.18-38.34.1, kernel-syms-azure-5.3.18-38.34.1
openSUSE Backports SLE-15-SP3 (src):    connman-1.41-bp153.2.3.1
Comment 21 Swamp Workflow Management 2022-05-07 16:19:11 UTC
openSUSE-SU-2022:0131-1: An update that solves 14 vulnerabilities, contains one feature and has 61 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179424,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1189158,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192691,1192845,1192847,1192874,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094,1195323
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-2032,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: SLE-22574
Sources used:
openSUSE Leap 15.4 (src):    keycloak-18.0.0-lp154.2.3.1
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-59.40.1, kernel-64kb-5.3.18-59.40.1, kernel-debug-5.3.18-59.40.1, kernel-default-5.3.18-59.40.1, kernel-default-base-5.3.18-59.40.1.18.25.1, kernel-docs-5.3.18-59.40.1, kernel-kvmsmall-5.3.18-59.40.1, kernel-obs-build-5.3.18-59.40.1, kernel-obs-qa-5.3.18-59.40.1, kernel-preempt-5.3.18-59.40.1, kernel-source-5.3.18-59.40.1, kernel-syms-5.3.18-59.40.1, kernel-zfcpdump-5.3.18-59.40.1
Comment 22 Takashi Iwai 2022-05-27 13:07:41 UTC
Thomas, is SLE15-SP3 the only kernel that hits the problem?  If yes, we can reassign back to security team.
Comment 23 Thomas Bogendoerfer 2022-06-14 07:26:55 UTC
(In reply to Takashi Iwai from comment #22)
> Thomas, is SLE15-SP3 the only kernel that hits the problem?  If yes, we can
> reassign back to security team.

According to Intel only SLE15-SP3 is affected for which the commit is already backported.