CVE-2024-27019
netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()
nft_unregister_obj() can concurrent with __nft_obj_type_get(),
and there is not any protection when iterate over nf_tables_objects
list in __nft_obj_type_get(). Therefore, there is potential data-race
of nf_tables_objects list entry.
Use list_for_each_entry_rcu() to iterate over nf_tables_objects
list in __nft_obj_type_get(), and use rcu_read_lock() in the caller
nft_obj_type_get() to protect the entire type query process.
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: netfilter: nf_tables: corrige una posible ejecución de datos en __nft_obj_type_get() nft_unregister_obj() puede concurrir con __nft_obj_type_get(), y no hay ninguna protección cuando se itera sobre la lista de nf_tables_objects en __nft_obj_type_get() . Por lo tanto, existe una posible ejecución de datos de la entrada de la lista nf_tables_objects. Utilice list_for_each_entry_rcu() para iterar sobre la lista nf_tables_objects en __nft_obj_type_get(), y utilice rcu_read_lock() en el llamador nft_obj_type_get() para proteger todo el proceso de consulta de tipos.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-02-19 CVE Reserved
- 2024-05-01 CVE Published
- 2024-06-17 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/e50092404c1bc7aaeb0a0f4077fa6f07b073a20f | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2024-27019 | 2024-09-24 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2278258 | 2024-09-24 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.10 < 5.10.219 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 5.10.219" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.10 < 5.15.157 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 5.15.157" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.10 < 6.1.88 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.1.88" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.10 < 6.6.29 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.6.29" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.10 < 6.8.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.8.8" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.10 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.9" | en |
Affected
| ||||||