CVE-2024-57982: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-57982 affects the Linux kernel and involves an out-of-bounds read vulnerability in the xfrm state lookup functionality. The issue was discovered and disclosed in February 2025, affecting Linux kernel versions from 4.9 through 6.13.2. The vulnerability occurs when lookup and resize operations can run in parallel in the xfrm state component (NVD).

The vulnerability stems from a race condition where the xfrm_state_hash_generation seqlock ensures a retry, but hash functions can observe a hmask value that is too large for the new hlist array. During rehash operations, the code executes 'rcu_assign_pointer(net->xfrm.state_bydst, ndst)' followed by updating 'net->xfrm.state_hmask = nhashmask', while state lookup performs hash calculations and list traversal that could lead to out-of-bounds reads. The issue has a CVSS v3.1 Base Score of 7.1 (HIGH) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H (NVD).

The vulnerability allows an attacker to perform out-of-bounds read operations during xfrm state lookups, potentially leading to information disclosure and system crashes. The high CVSS score indicates significant potential impact on system confidentiality and availability (NVD).

The vulnerability has been patched by implementing a fix that prefetches state_hmask and associated pointers. The xfrm_state_hash_generation seqlock retry ensures pointer and hmask consistency. The patch also adds lockdep assertions to document that certain helpers are only safe for insert operations. The fix has been incorporated into kernel versions after 6.13.2 (Kernel Patch).