CVE-2024-27024

net/rds: fix WARNING in rds_conn_connect_if_down

Severity Score

4.3

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: net/rds: fix WARNING in rds_conn_connect_if_down If connection isn't established yet, get_mr() will fail, trigger connection after
get_mr().

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net/rds: solucione la ADVERTENCIA en rds_conn_connect_if_down Si la conexión aún no se ha establecido, get_mr() fallará, activará la conexión después de get_mr().

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-19 CVE Reserved
2024-05-01 CVE Published
2024-12-19 CVE Updated
2025-03-18 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (15)

URL	Tag	Source
https://git.kernel.org/stable/c/584a8279a44a800dea5a5c1e9d53a002e03016b4	Vuln. Introduced
https://git.kernel.org/stable/c/952835ccd917682ebb705f89ff1e56fbf068a1d8	Vuln. Introduced
https://git.kernel.org/stable/c/783941bd9f445a37c2854ec0b4cb9f9e603193a7	Vuln. Introduced
https://git.kernel.org/stable/c/57d2ce1603101ce3f30d0ccdc35b98af08d2ed88	Vuln. Introduced
https://git.kernel.org/stable/c/5ba1957f889f575f2a240eafe543c3fda5aa72e0	Vuln. Introduced
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/786854141057751bc08eb26f1b02e97c1631c8f4	2024-03-15
https://git.kernel.org/stable/c/997efea2bf3a4adb96c306b9ad6a91442237bf5b	2024-03-15
https://git.kernel.org/stable/c/9dfc15a10dfd44f8ff7f27488651cb5be6af83c2	2024-03-15
https://git.kernel.org/stable/c/b562ebe21ed9adcf42242797dd6cb75beef12bf0	2024-03-15
https://git.kernel.org/stable/c/998fd719e6d6468b930ac0c44552ea9ff8b07b80	2024-03-15
https://git.kernel.org/stable/c/2b505d05280739ce31d5708da840f42df827cb85	2024-03-15
https://git.kernel.org/stable/c/907761307469adecb02461a14120e9a1812a5fb1	2024-03-15
https://git.kernel.org/stable/c/c055fc00c07be1f0df7375ab0036cebd1106ed38	2024-03-06

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 4.19.310 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 4.19.310"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 5.4.272 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.4.272"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 5.10.213 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.10.213"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 5.15.152 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.15.152"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.1.82 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.1.82"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.6.22 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.6.22"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.7.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.7.10"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.8"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				3.18.85 Search vendor "Linux" for product "Linux Kernel" and version "3.18.85"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.1.48 Search vendor "Linux" for product "Linux Kernel" and version "4.1.48"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.4.103 Search vendor "Linux" for product "Linux Kernel" and version "4.4.103"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.9.66 Search vendor "Linux" for product "Linux Kernel" and version "4.9.66"		en		Affected