一、 漏洞 CVE-2024-49974 基础信息
漏洞标题
NFSD限制并发异步COPY操作的数量漏洞
来源:AIGC 神龙大模型
漏洞描述信息
在Linux内核中,已修复以下漏洞: NFSD:限制并发异步COPY操作的数量 目前没有任何机制限制客户端可以启动的并发异步COPY操作的数量。此外,据我所知,每个异步COPY操作可以复制无限数量的4MB数据块,因此可以运行很长时间。因此,我认为异步COPY操作可能成为DoS攻击的载体。 添加一个限制机制来约束并发后台COPY操作的数量。从简单开始并尽量做到公平 —— 该补丁实现了一个基于命名空间的限制。 当超出此限制时,发生的异步COPY请求将返回NFS4ERR_DELAY。请求客户端可以选择在延迟后再发送请求,或者退回到传统的读/写方式复制。 如果有必要使该机制更加复杂,我们可以在未来的补丁中进行改进。
来源:AIGC 神龙大模型
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
来源:AIGC 神龙大模型
漏洞类别
不加限制或调节的资源分配
来源:AIGC 神龙大模型
漏洞标题
NFSD: Limit the number of concurrent async COPY operations
来源:美国国家漏洞数据库 NVD
漏洞描述信息
In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operations that clients can start. In addition, AFAICT each async COPY can copy an unlimited number of 4MB chunks, so can run for a long time. Thus IMO async COPY can become a DoS vector. Add a restriction mechanism that bounds the number of concurrent background COPY operations. Start simple and try to be fair -- this patch implements a per-namespace limit. An async COPY request that occurs while this limit is exceeded gets NFS4ERR_DELAY. The requesting client can choose to send the request again after a delay or fall back to a traditional read/write style copy. If there is need to make the mechanism more sophisticated, we can visit that in future patches.
来源:美国国家漏洞数据库 NVD
CVSS信息
N/A
来源:美国国家漏洞数据库 NVD
漏洞类别
N/A
来源:美国国家漏洞数据库 NVD
漏洞标题
Linux kernel 安全漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于NFSD子系统中对并发异步COPY操作数量的限制不当,可能成为拒绝服务攻击的向量。
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
其他
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2024-49974 的公开POC
# POC 描述 源链接 神龙链接
三、漏洞 CVE-2024-49974 的情报信息

  • 标题: NFSD: Limit the number of concurrent async COPY operations - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    NFSD: Limit the number of concurrent async COPY operations - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: NFSD: Limit the number of concurrent async COPY operations - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    NFSD: Limit the number of concurrent async COPY operations - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: NFSD: Limit the number of concurrent async COPY operations - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    神龙速读
    NFSD: Limit the number of concurrent async COPY operations - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: NFSD: Limit the number of concurrent async COPY operations - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    NFSD: Limit the number of concurrent async COPY operations - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: NFSD: Limit the number of concurrent async COPY operations - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    NFSD: Limit the number of concurrent async COPY operations - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: NFSD: Limit the number of concurrent async COPY operations - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    NFSD: Limit the number of concurrent async COPY operations - kernel/git/stable/linux.git - Linux kernel stable tree

  • 标题: NFSD: Limit the number of concurrent async COPY operations - kernel/git/stable/linux.git - Linux kernel stable tree -- 🔗来源链接

    标签:

    NFSD: Limit the number of concurrent async COPY operations - kernel/git/stable/linux.git - Linux kernel stable tree
  • https://nvd.nist.gov/vuln/detail/CVE-2024-49974