{"id":"CVE-2024-36974","summary":"net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP\n\nIf one TCA_TAPRIO_ATTR_PRIOMAP attribute has been provided,\ntaprio_parse_mqprio_opt() must validate it, or userspace\ncan inject arbitrary data to the kernel, the second time\ntaprio_change() is called.\n\nFirst call (with valid attributes) sets dev-\u003enum_tc\nto a non zero value.\n\nSecond call (with arbitrary mqprio attributes)\nreturns early from taprio_parse_mqprio_opt()\nand bad things can happen.","modified":"2026-04-02T12:16:35.679811Z","published":"2024-06-18T19:15:07.892Z","related":["SUSE-SU-2024:2802-1","SUSE-SU-2024:2893-1","SUSE-SU-2024:2894-1","SUSE-SU-2024:2896-1","SUSE-SU-2024:2902-1","SUSE-SU-2024:2923-1","SUSE-SU-2024:2929-1","SUSE-SU-2024:2939-1","SUSE-SU-2024:2947-1","SUSE-SU-2024:2948-1","SUSE-SU-2025:0652-1","SUSE-SU-2025:0656-1","SUSE-SU-2025:0669-1","SUSE-SU-2025:0681-1","SUSE-SU-2025:0687-1","SUSE-SU-2025:0698-1","SUSE-SU-2025:0703-1","SUSE-SU-2025:0708-1","SUSE-SU-2025:0709-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/36xxx/CVE-2024-36974.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0bf6cc96612bd396048f57d63f1ad454a846e39c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6db4af09987cc5d5f0136bd46148b0e0460dae5b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/724050ae4b76e4fae05a923cb54101d792cf4404"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c37a27a35eadb59286c9092c49c241270c802ae2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c6041e7124464ce7e896ee3f912897ce88a0c4ec"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d3dde4c217f0c31ab0621912e682b57e677dd923"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f921a58ae20852d188f70842431ce6519c4fdc36"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/36xxx/CVE-2024-36974.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-36974"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"a3d43c0d56f1b94e74963a2fbadfb70126d92213"},{"fixed":"c6041e7124464ce7e896ee3f912897ce88a0c4ec"},{"fixed":"6db4af09987cc5d5f0136bd46148b0e0460dae5b"},{"fixed":"d3dde4c217f0c31ab0621912e682b57e677dd923"},{"fixed":"0bf6cc96612bd396048f57d63f1ad454a846e39c"},{"fixed":"724050ae4b76e4fae05a923cb54101d792cf4404"},{"fixed":"c37a27a35eadb59286c9092c49c241270c802ae2"},{"fixed":"f921a58ae20852d188f70842431ce6519c4fdc36"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36974.json"}}],"schema_version":"1.7.5"}