CVE-2024-27019
Vulnerability Summary
Timeline
Description
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() nft_unregister_obj() can concurrent with __nft_obj_type_get(), and there is not any protection when iterate over nf_tables_objects list in __nft_obj_type_get(). Therefore, there is potential data-race of nf_tables_objects list entry. Use list_for_each_entry_rcu() to iterate over nf_tables_objects list in __nft_obj_type_get(), and use rcu_read_lock() in the caller nft_obj_type_get() to protect the entire type query process.
CVSS Metrics
- v3.1•MEDIUM•Score: 4.7CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Trends
Current EPSS score: 0.01%• Percentile: 1%
Techniques & Countermeasures
- CWE-362•Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
Affected Systems
- fedoraproject•fedora
38 | 39 | 40
- linux•linux
≥ e50092404c1bc7aaeb0a0f4077fa6f07b073a20f, < cade34279c2249eafe528564bd2e203e4ff15f88 | ≥ e50092404c1bc7aaeb0a0f4077fa6f07b073a20f, < 379bf7257bc5f2a1b1ca8514e08a871b7bf6d920 | ≥ e50092404c1bc7aaeb0a0f4077fa6f07b073a20f, < df7c0fb8c2b9f9cac65659332581b19682a71349 | ≥ e50092404c1bc7aaeb0a0f4077fa6f07b073a20f, < ad333578f736d56920e090d7db1f8dec891d815e | ≥ e50092404c1bc7aaeb0a0f4077fa6f07b073a20f, < 4ca946b19caf655a08d5e2266d4d5526025ebb73 | ≥ e50092404c1bc7aaeb0a0f4077fa6f07b073a20f, < d78d867dcea69c328db30df665be5be7d0148484 | 4.10
- linux•linux_kernel
≥ 4.10, < 5.15.157 | ≥ 5.16, < 6.1.88 | ≥ 6.2, < 6.6.29 | ≥ 6.7, < 6.8.8 | 6.9:rc1 | 6.9:rc2 | 6.9:rc3 | 6.9:rc4
References (9)
- https://git.kernel.org/stable/c/cade34279c2249eafe528564bd2e203e4ff15f88
- https://git.kernel.org/stable/c/379bf7257bc5f2a1b1ca8514e08a871b7bf6d920
- https://git.kernel.org/stable/c/df7c0fb8c2b9f9cac65659332581b19682a71349
- https://git.kernel.org/stable/c/ad333578f736d56920e090d7db1f8dec891d815e
- https://git.kernel.org/stable/c/4ca946b19caf655a08d5e2266d4d5526025ebb73
- https://git.kernel.org/stable/c/d78d867dcea69c328db30df665be5be7d0148484
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAMSOZXJEPUOXW33WZYWCVAY7Z5S7OOY/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EZ6PJW7VOZ224TD7N4JZNU6KV32ZJ53/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCBZZEC7L7KTWWAS2NLJK6SO3IZIL4WW/