CVE-2024-27019

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() nft_unregister_obj() can concurrent with __nft_obj_type_get(), and there is not any protection when iterate over nf_tables_objects list in __nft_obj_type_get(). Therefore, there is potential data-race of nf_tables_objects list entry. Use list_for_each_entry_rcu() to iterate over nf_tables_objects list in __nft_obj_type_get(), and use rcu_read_lock() in the caller nft_obj_type_get() to protect the entire type query process.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*

History

21 Nov 2024, 09:03

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/379bf7257bc5f2a1b1ca8514e08a871b7bf6d920 - Patch () https://git.kernel.org/stable/c/379bf7257bc5f2a1b1ca8514e08a871b7bf6d920 - Patch
References () https://git.kernel.org/stable/c/4ca946b19caf655a08d5e2266d4d5526025ebb73 - Patch () https://git.kernel.org/stable/c/4ca946b19caf655a08d5e2266d4d5526025ebb73 - Patch
References () https://git.kernel.org/stable/c/ad333578f736d56920e090d7db1f8dec891d815e - Patch () https://git.kernel.org/stable/c/ad333578f736d56920e090d7db1f8dec891d815e - Patch
References () https://git.kernel.org/stable/c/cade34279c2249eafe528564bd2e203e4ff15f88 - () https://git.kernel.org/stable/c/cade34279c2249eafe528564bd2e203e4ff15f88 -
References () https://git.kernel.org/stable/c/d78d867dcea69c328db30df665be5be7d0148484 - Patch () https://git.kernel.org/stable/c/d78d867dcea69c328db30df665be5be7d0148484 - Patch
References () https://git.kernel.org/stable/c/df7c0fb8c2b9f9cac65659332581b19682a71349 - Patch () https://git.kernel.org/stable/c/df7c0fb8c2b9f9cac65659332581b19682a71349 - Patch

16 Jun 2024, 13:15

Type Values Removed Values Added
References
  • () https://git.kernel.org/stable/c/cade34279c2249eafe528564bd2e203e4ff15f88 -

23 May 2024, 19:36

Type Values Removed Values Added
First Time Fedoraproject
Fedoraproject fedora
Linux linux Kernel
Linux
CPE cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
CWE CWE-362
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 4.7
References () https://git.kernel.org/stable/c/379bf7257bc5f2a1b1ca8514e08a871b7bf6d920 - () https://git.kernel.org/stable/c/379bf7257bc5f2a1b1ca8514e08a871b7bf6d920 - Patch
References () https://git.kernel.org/stable/c/4ca946b19caf655a08d5e2266d4d5526025ebb73 - () https://git.kernel.org/stable/c/4ca946b19caf655a08d5e2266d4d5526025ebb73 - Patch
References () https://git.kernel.org/stable/c/ad333578f736d56920e090d7db1f8dec891d815e - () https://git.kernel.org/stable/c/ad333578f736d56920e090d7db1f8dec891d815e - Patch
References () https://git.kernel.org/stable/c/d78d867dcea69c328db30df665be5be7d0148484 - () https://git.kernel.org/stable/c/d78d867dcea69c328db30df665be5be7d0148484 - Patch
References () https://git.kernel.org/stable/c/df7c0fb8c2b9f9cac65659332581b19682a71349 - () https://git.kernel.org/stable/c/df7c0fb8c2b9f9cac65659332581b19682a71349 - Patch

13 May 2024, 08:15

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EZ6PJW7VOZ224TD7N4JZNU6KV32ZJ53/', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAMSOZXJEPUOXW33WZYWCVAY7Z5S7OOY/', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCBZZEC7L7KTWWAS2NLJK6SO3IZIL4WW/', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}

03 May 2024, 03:16

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: netfilter: nf_tables: corrige una posible ejecución de datos en __nft_obj_type_get() nft_unregister_obj() puede concurrir con __nft_obj_type_get(), y no hay ninguna protección cuando se itera sobre la lista de nf_tables_objects en __nft_obj_type_get() . Por lo tanto, existe una posible ejecución de datos de la entrada de la lista nf_tables_objects. Utilice list_for_each_entry_rcu() para iterar sobre la lista nf_tables_objects en __nft_obj_type_get(), y utilice rcu_read_lock() en el llamador nft_obj_type_get() para proteger todo el proceso de consulta de tipos.
References
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EZ6PJW7VOZ224TD7N4JZNU6KV32ZJ53/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAMSOZXJEPUOXW33WZYWCVAY7Z5S7OOY/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCBZZEC7L7KTWWAS2NLJK6SO3IZIL4WW/ -

01 May 2024, 06:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-05-01 06:15

Updated : 2024-11-21 09:03


NVD link : CVE-2024-27019

Mitre link : CVE-2024-27019

CVE.ORG link : CVE-2024-27019


JSON object : View

Products Affected

linux

  • linux_kernel

fedoraproject

  • fedora
CWE
CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')