CVE-2024-49855

nbd: fix race between timeout and normal completion

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

MITRE

In the Linux kernel, the following vulnerability has been resolved:

nbd: fix race between timeout and normal completion

If request timetout is handled by nbd_requeue_cmd(), normal completion
has to be stopped for avoiding to complete this requeued request, other
use-after-free can be triggered.

Fix the race by clearing NBD_CMD_INFLIGHT in nbd_requeue_cmd(), meantime
make sure that cmd->lock is grabbed for clearing the flag and the
requeue.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-10-21 CVE Reserved
2024-10-21 CVE Published
2024-10-23 EPSS Updated
2024-11-19 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/2895f1831e911ca87d4efdf43e35eb72a0c7e66e	Vuln. Introduced
https://git.kernel.org/stable/c/cdf62c535a9bfd5ff0eef4b91669da39d8abc0c3	Vuln. Introduced
https://git.kernel.org/stable/c/5171ef20bae852ff38f4cfdb368bcdcc744776d0	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/9c25faf72d780a9c71081710cd48759d61ff6e9b	2024-10-17
https://git.kernel.org/stable/c/6e73b946a379a1dfbb62626af93843bdfb53753d	2024-10-04
https://git.kernel.org/stable/c/5236ada8ebbd9e7461f17477357582f5be4f46f7	2024-10-04
https://git.kernel.org/stable/c/9a74c3e6c0d686c26ba2aab66d15ddb89dc139cc	2024-10-04
https://git.kernel.org/stable/c/c9ea57c91f03bcad415e1a20113bdb2077bcf990	2024-08-30

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.19 < 6.1.113 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.19 < 6.1.113"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.19 < 6.6.54 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.19 < 6.6.54"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.19 < 6.10.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.19 < 6.10.13"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.19 < 6.11.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.19 < 6.11.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.19 < 6.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.19 < 6.12"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.17.15 Search vendor "Linux" for product "Linux Kernel" and version "5.17.15"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.18.4 Search vendor "Linux" for product "Linux Kernel" and version "5.18.4"		en		Affected