In the Linux kernel, the following vulnerability has been resolved:
tracing/timerlat: Only clear timer if a kthread exists
The timerlat tracer can use user space threads to check for osnoise and
timer latency. If the program using this is killed via a SIGTERM, the
threads are shutdown one at a time and another tracing instance can start
up resetting the threads before they are fully closed. That causes the
hrtimer assigned to the kthread to be shutdown and freed twice when the
dying thread finally closes the file descriptors, causing a use-after-free
bug.
Only cancel the hrtimer if the associated thread is still around. Also add
the interface_lock around the resetting of the tlat_var->kthread.
Note, this is just a quick fix that can be backported to stable. A real
fix is to have a better synchronization between the shutdown of old
threads and the starting of new ones.
References
Configurations
Configuration 1 (hide)
|
History
02 Oct 2024, 14:18
Type | Values Removed | Values Added |
---|---|---|
First Time |
Linux linux Kernel
Linux |
|
CWE | CWE-416 | |
CPE | cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.11:rc6:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:* |
|
References | () https://git.kernel.org/stable/c/8a9d0d405159e9c796ddf771f7cff691c1a2bc1e - Patch | |
References | () https://git.kernel.org/stable/c/8c72f0b2c45f21cb8b00fc37f79f632d7e46c2ed - Patch | |
References | () https://git.kernel.org/stable/c/e6a53481da292d970d1edf0d8831121d1c5e2f0d - Patch | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
30 Sep 2024, 12:45
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
27 Sep 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-27 13:15
Updated : 2024-10-02 14:18
NVD link : CVE-2024-46845
Mitre link : CVE-2024-46845
CVE.ORG link : CVE-2024-46845
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-416
Use After Free