CVE-2024-40920
net: bridge: mst: fix suspicious rcu usage in br_mst_set_state
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state I converted br_mst_set_state to RCU to avoid a vlan use-after-free
but forgot to change the vlan group dereference helper. Switch to vlan
group RCU deref helper to fix the suspicious rcu usage warning.
In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state I converted br_mst_set_state to RCU to avoid a vlan use-after-free but forgot to change the vlan group dereference helper. Switch to vlan group RCU deref helper to fix the suspicious rcu usage warning.
This update for the Linux Kernel 6.4.0-150600_23_14 fixes several issues. The following security issues were fixed. Net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state. Net: bridge: mst: fix suspicious rcu usage in br_mst_set_state. Net: bridge: mst: fix vlan use-after-free. Cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie. Vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans. Fixed memory leak for not ip packets. Bluetooth: Ignore too large handle values in BIG. Btrfs: make sure that WRITTEN is set on all metadata blocks. Smb: client: fix use-after-free bug in cifs_debug_data_proc_show. Net: do not leave a dangling sk pointer, when socket creation fails bpf: Fix a potential use-after-free in bpf_link_free.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-07-12 CVE Reserved
- 2024-07-12 CVE Published
- 2025-05-04 CVE Updated
- 2025-06-27 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/8ca9a750fc711911ef616ceb627d07357b04545e | Vuln. Introduced | |
| https://git.kernel.org/stable/c/4488617e5e995a09abe4d81add5fb165674edb59 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/e43dd2b1ec746e105b7db5f9ad6ef14685a615a4 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/a2b01e65d9ba8af2bb086d3b7288ca53a07249ac | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.1.93 < 6.1.95 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1.93 < 6.1.95" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.6.33 < 6.6.35 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6.33 < 6.6.35" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.9.3 < 6.9.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.9.3 < 6.9.6" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 6.8.12 Search vendor "Linux" for product "Linux Kernel" and version "6.8.12" | en |
Affected
| ||||||