CVE-2024-27019

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-27019
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() nft_unregister_obj() can concurrent with __nft_obj_type_get(), and there is not any protection when iterate over nf_tables_objects list in __nft_obj_type_get(). Therefore, there is potential data-race of nf_tables_objects list entry. Use list_for_each_entry_rcu() to iterate over nf_tables_objects list in __nft_obj_type_get(), and use rcu_read_lock() in the caller nft_obj_type_get() to protect the entire type query process.

4.7 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.0 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/379bf7257bc5f2a1b1ca8514e08a871b7bf6d920 Patch
https://git.kernel.org/stable/c/4ca946b19caf655a08d5e2266d4d5526025ebb73 Patch
https://git.kernel.org/stable/c/ad333578f736d56920e090d7db1f8dec891d815e Patch
https://git.kernel.org/stable/c/cade34279c2249eafe528564bd2e203e4ff15f88
https://git.kernel.org/stable/c/d78d867dcea69c328db30df665be5be7d0148484 Patch
https://git.kernel.org/stable/c/df7c0fb8c2b9f9cac65659332581b19682a71349 Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
History

16 Jun 2024, 13:15

Type Values Removed Values Added
References
  • () https://git.kernel.org/stable/c/cade34279c2249eafe528564bd2e203e4ff15f88 -

23 May 2024, 19:36

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/379bf7257bc5f2a1b1ca8514e08a871b7bf6d920 - () https://git.kernel.org/stable/c/379bf7257bc5f2a1b1ca8514e08a871b7bf6d920 - Patch
References () https://git.kernel.org/stable/c/4ca946b19caf655a08d5e2266d4d5526025ebb73 - () https://git.kernel.org/stable/c/4ca946b19caf655a08d5e2266d4d5526025ebb73 - Patch
References () https://git.kernel.org/stable/c/ad333578f736d56920e090d7db1f8dec891d815e - () https://git.kernel.org/stable/c/ad333578f736d56920e090d7db1f8dec891d815e - Patch
References () https://git.kernel.org/stable/c/d78d867dcea69c328db30df665be5be7d0148484 - () https://git.kernel.org/stable/c/d78d867dcea69c328db30df665be5be7d0148484 - Patch
References () https://git.kernel.org/stable/c/df7c0fb8c2b9f9cac65659332581b19682a71349 - () https://git.kernel.org/stable/c/df7c0fb8c2b9f9cac65659332581b19682a71349 - Patch
First Time Linux linux Kernel
Linux
Fedoraproject
Fedoraproject fedora
CWE CWE-362
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 4.7
CPE cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*

13 May 2024, 08:15

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EZ6PJW7VOZ224TD7N4JZNU6KV32ZJ53/', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAMSOZXJEPUOXW33WZYWCVAY7Z5S7OOY/', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCBZZEC7L7KTWWAS2NLJK6SO3IZIL4WW/', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}

03 May 2024, 03:16

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: netfilter: nf_tables: corrige una posible ejecución de datos en __nft_obj_type_get() nft_unregister_obj() puede concurrir con __nft_obj_type_get(), y no hay ninguna protección cuando se itera sobre la lista de nf_tables_objects en __nft_obj_type_get() . Por lo tanto, existe una posible ejecución de datos de la entrada de la lista nf_tables_objects. Utilice list_for_each_entry_rcu() para iterar sobre la lista nf_tables_objects en __nft_obj_type_get(), y utilice rcu_read_lock() en el llamador nft_obj_type_get() para proteger todo el proceso de consulta de tipos.
References
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EZ6PJW7VOZ224TD7N4JZNU6KV32ZJ53/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAMSOZXJEPUOXW33WZYWCVAY7Z5S7OOY/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCBZZEC7L7KTWWAS2NLJK6SO3IZIL4WW/ -

01 May 2024, 06:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-05-01 06:15

Updated : 2024-06-16 13:15

NVD link : CVE-2024-27019

Mitre link : CVE-2024-27019

CVE.ORG link : CVE-2024-27019

JSON object : View

Products Affected

linux

  • linux_kernel

fedoraproject

  • fedora
CWE
CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024