[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-DEBIAN-CVE-2024-36979":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":17,"related":18,"reserved_at":9,"published_at":19,"modified_at":20,"state":9,"summary":21,"references_raw":23,"kevs":30,"epss":9,"epss_history":31,"metrics":32,"affected":39},"DEBIAN-CVE-2024-36979","In the Linux kernel, the following vulnerability has been resolved:  net: bridge: mst: fix vlan use-after-free  syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same path (br forward delay timer). Fix the rcu usage and also make sure we are not accessing freed memory by making br_mst_vlan_set_state use rcu read lock.  [1]  WARNING: suspicious RCU usage  6.9.0-rc6-syzkaller #0 Not tainted  -----------------------------  net/bridge/br_private.h:1599 suspicious rcu_dereference_protected() usage!  ...  stack backtrace:  CPU: 1 PID: 8017 Comm: syz-executor.1 Not tainted 6.9.0-rc6-syzkaller #0  Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024  Call Trace:   \u003CIRQ>   __dump_stack lib/dump_stack.c:88 [inline]   dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114   lockdep_rcu_suspicious+0x221/0x340 kernel/locking/lockdep.c:6712   nbp_vlan_group net/bridge/br_private.h:1599 [inline]   br_mst_set_state+0x1ea/0x650 net/bridge/br_mst.c:105   br_set_state+0x28a/0x7b0 net/bridge/br_stp.c:47   br_forward_delay_timer_expired+0x176/0x440 net/bridge/br_stp_timer.c:88   call_timer_fn+0x18e/0x650 kernel/time/timer.c:1793   expire_timers kernel/time/timer.c:1844 [inline]   __run_timers kernel/time/timer.c:2418 [inline]   __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2429   run_timer_base kernel/time/timer.c:2438 [inline]   run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2448   __do_softirq+0x2c6/0x980 kernel/softirq.c:554   invoke_softirq kernel/softirq.c:428 [inline]   __irq_exit_rcu+0xf2/0x1c0 kernel/softirq.c:633   irq_exit_rcu+0x9/0x30 kernel/softirq.c:645   instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]   sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1043   \u003C/IRQ>   \u003CTASK>  asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702  RIP: 0010:lock_acquire+0x264/0x550 kernel/locking/lockdep.c:5758  Code: 2b 00 74 08 4c 89 f7 e8 ba d1 84 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 \u003C4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25  RSP: 0018:ffffc90013657100 EFLAGS: 00000206  RAX: 0000000000000001 RBX: 1ffff920026cae2c RCX: 0000000000000001  RDX: dffffc0000000000 RSI: ffffffff8bcaca00 RDI: ffffffff8c1eaa60  RBP: ffffc90013657260 R08: ffffffff92efe507 R09: 1ffffffff25dfca0  R10: dffffc0000000000 R11: fffffbfff25dfca1 R12: 1ffff920026cae28  R13: dffffc0000000000 R14: ffffc90013657160 R15: 0000000000000246",null,[],[],[],[14],{"_key":15},"CVE-2024-36979",[],[],[],"2024-06-19T14:15:13.620Z","2026-04-28T20:28:08.003960Z",{"cisa_kev":22,"cisa_ransomware":22,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[24],{"url":25,"sources":26,"tags":28},"https://security-tracker.debian.org/tracker/CVE-2024-36979",[27],"osv_debian",[29],"Advisory",[],[],[33],{"source":27,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":34,"cvss_v4_0":9},{"baseScore":35,"baseSeverity":9,"vectorString":36,"impactScore":37,"exploitabilityScore":38},7.8,"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",9.8,4.6,[40],{"ecosystem":41,"name":42,"vendor":43,"product":42,"cpe_part":9,"purl_type":44,"purl_namespace":43,"purl_name":42,"source":9,"versions":45},"Debian","linux","debian","deb",[46,52,55],{"version":47,"is_range":48,"range_type":49,"version_start":9,"version_start_type":9,"version_end":50,"version_end_type":51,"fixed_in":9},"lt6_1_94_1",true,"ecosystem","6.1.94-1","excluding",{"version":53,"is_range":48,"range_type":49,"version_start":9,"version_start_type":9,"version_end":54,"version_end_type":51,"fixed_in":9},"lt6_8_12_1","6.8.12-1",{"version":53,"is_range":48,"range_type":49,"version_start":9,"version_start_type":9,"version_end":54,"version_end_type":51,"fixed_in":9}]