CVE-2024-27020
netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()
nft_unregister_expr() can concurrent with __nft_expr_type_get(),
and there is not any protection when iterate over nf_tables_expressions
list in __nft_expr_type_get(). Therefore, there is potential data-race
of nf_tables_expressions list entry.
Use list_for_each_entry_rcu() to iterate over nf_tables_expressions
list in __nft_expr_type_get(), and use rcu_read_lock() in the caller
nft_expr_type_get() to protect the entire type query process.
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: netfilter: nf_tables: corrige una posible ejecución de datos en __nft_expr_type_get() nft_unregister_expr() puede concurrente con __nft_expr_type_get(), y no hay ninguna protección cuando se itera sobre la lista nf_tables_expressions en __nft_expr_type_get() . Por lo tanto, existe una posible ejecución de datos en la entrada de la lista nf_tables_expressions. Utilice list_for_each_entry_rcu() para iterar sobre la lista nf_tables_expressions en __nft_expr_type_get() y utilice rcu_read_lock() en el llamador nft_expr_type_get() para proteger todo el proceso de consulta de tipos.
A flaw was found in the Linux kernel. A potential data-race in the __nft_expr_type_get() function exists.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2024-02-19 CVE Reserved
- 2024-05-01 CVE Published
- 2024-05-24 EPSS Updated
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC
References (13)
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://access.redhat.com/security/cve/CVE-2024-27020 | 2024-09-24 | |
https://bugzilla.redhat.com/show_bug.cgi?id=2278256 | 2024-09-24 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.13 < 4.19.313 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.13 < 4.19.313" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.13 < 5.4.275 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.13 < 5.4.275" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.13 < 5.10.216 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.13 < 5.10.216" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.13 < 5.15.157 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.13 < 5.15.157" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.13 < 6.1.88 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.13 < 6.1.88" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.13 < 6.6.29 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.13 < 6.6.29" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.13 < 6.8.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.13 < 6.8.8" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.13 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.13 < 6.9" | en |
Affected
|