In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()
nft_unregister_obj() can concurrent with __nft_obj_type_get(),
and there is not any protection when iterate over nf_tables_objects
list in __nft_obj_type_get(). Therefore, there is potential data-race
of nf_tables_objects list entry.
Use list_for_each_entry_rcu() to iterate over nf_tables_objects
list in __nft_obj_type_get(), and use rcu_read_lock() in the caller
nft_obj_type_get() to protect the entire type query process.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 09:03
Type | Values Removed | Values Added |
---|---|---|
References | () https://git.kernel.org/stable/c/379bf7257bc5f2a1b1ca8514e08a871b7bf6d920 - Patch | |
References | () https://git.kernel.org/stable/c/4ca946b19caf655a08d5e2266d4d5526025ebb73 - Patch | |
References | () https://git.kernel.org/stable/c/ad333578f736d56920e090d7db1f8dec891d815e - Patch | |
References | () https://git.kernel.org/stable/c/cade34279c2249eafe528564bd2e203e4ff15f88 - | |
References | () https://git.kernel.org/stable/c/d78d867dcea69c328db30df665be5be7d0148484 - Patch | |
References | () https://git.kernel.org/stable/c/df7c0fb8c2b9f9cac65659332581b19682a71349 - Patch |
16 Jun 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
23 May 2024, 19:36
Type | Values Removed | Values Added |
---|---|---|
First Time |
Fedoraproject
Fedoraproject fedora Linux linux Kernel Linux |
|
CPE | cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:* |
|
CWE | CWE-362 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.7 |
References | () https://git.kernel.org/stable/c/379bf7257bc5f2a1b1ca8514e08a871b7bf6d920 - Patch | |
References | () https://git.kernel.org/stable/c/4ca946b19caf655a08d5e2266d4d5526025ebb73 - Patch | |
References | () https://git.kernel.org/stable/c/ad333578f736d56920e090d7db1f8dec891d815e - Patch | |
References | () https://git.kernel.org/stable/c/d78d867dcea69c328db30df665be5be7d0148484 - Patch | |
References | () https://git.kernel.org/stable/c/df7c0fb8c2b9f9cac65659332581b19682a71349 - Patch |
13 May 2024, 08:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
03 May 2024, 03:16
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
References |
|
01 May 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-05-01 06:15
Updated : 2024-11-21 09:03
NVD link : CVE-2024-27019
Mitre link : CVE-2024-27019
CVE.ORG link : CVE-2024-27019
JSON object : View
Products Affected
linux
- linux_kernel
fedoraproject
- fedora
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')