CVE-2024-27067
xen/evtchn: avoid WARN() when unbinding an event channel
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
xen/evtchn: avoid WARN() when unbinding an event channel
When unbinding a user event channel, the related handler might be
called a last time in case the kernel was built with
CONFIG_DEBUG_SHIRQ. This might cause a WARN() in the handler.
Avoid that by adding an "unbinding" flag to struct user_event which
will short circuit the handler.
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: xen/evtchn: evite WARN() al desvincular un canal de eventos Al desvincular un canal de eventos de usuario, es posible que se llame al controlador relacionado por última vez en caso de que el kernel se haya compilado con CONFIG_DEBUG_SHIRQ. Esto podría provocar un WARN() en el controlador. Evite esto agregando un indicador de "desvinculación" a la estructura user_event que provocará un cortocircuito en el controlador.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-02-19 CVE Reserved
- 2024-05-01 CVE Published
- 2024-05-02 EPSS Updated
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (6)
URL | Tag | Source |
---|---|---|
https://git.kernel.org/stable/c/3c8f5965a99397368d3762a9814a21a3e442e1a4 | Vuln. Introduced | |
https://git.kernel.org/stable/c/9e90e58c11b74c2bddac4b2702cf79d36b981278 | Vuln. Introduced |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.6.19 < 6.6.23 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6.19 < 6.6.23" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.7 < 6.7.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.7.11" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.7 < 6.8.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.8.2" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.7 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.9" | en |
Affected
|