CVE-2024-40920

net: bridge: mst: fix suspicious rcu usage in br_mst_set_state

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state I converted br_mst_set_state to RCU to avoid a vlan use-after-free
but forgot to change the vlan group dereference helper. Switch to vlan
group RCU deref helper to fix the suspicious rcu usage warning.

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state I converted br_mst_set_state to RCU to avoid a vlan use-after-free but forgot to change the vlan group dereference helper. Switch to vlan group RCU deref helper to fix the suspicious rcu usage warning.

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-07-12 CVE Reserved
2024-07-12 CVE Published
2024-12-19 CVE Updated
2025-03-29 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/8ca9a750fc711911ef616ceb627d07357b04545e	Vuln. Introduced
https://git.kernel.org/stable/c/4488617e5e995a09abe4d81add5fb165674edb59	Vuln. Introduced
https://git.kernel.org/stable/c/e43dd2b1ec746e105b7db5f9ad6ef14685a615a4	Vuln. Introduced
https://git.kernel.org/stable/c/a2b01e65d9ba8af2bb086d3b7288ca53a07249ac	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/caaa2129784a04dcade0ea92c12e6ff90bbd23d8	2024-06-21
https://git.kernel.org/stable/c/7caefa2771722e65496d85b62e1dc4442b7d1345	2024-06-21
https://git.kernel.org/stable/c/406bfc04b01ee47e4c626f77ecc7d9f85135b166	2024-06-21
https://git.kernel.org/stable/c/546ceb1dfdac866648ec959cbc71d9525bd73462	2024-06-13

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1.93 < 6.1.95 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1.93 < 6.1.95"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6.33 < 6.6.35 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6.33 < 6.6.35"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.9.3 < 6.9.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.9.3 < 6.9.6"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				6.8.12 Search vendor "Linux" for product "Linux Kernel" and version "6.8.12"		en		Affected