CVE-2024-38596

🗓️ 19 Jun 2024 13:45:45Reported by LinuxType

cve🔗 web.nvd.nist.gov👁 176 Views🌐 WEB

Linux kernel af_unix data race CVE-2024-38596 fi

Reporter	Title	Published	Views	Family All 299
IBM Security Bulletins	Security Bulletin: Vulnerability in linux (Kernel) affects IBM Integrated Analytics System.	2 Jul 202512:19	–	ibm
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-683)	6 Aug 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel (ALAS-2024-2613)	17 Aug 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-065)	17 Aug 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-047)	17 Aug 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2024-077 (ALASKERNEL-5.4-2024-077)	17 Aug 202400:00	–	nessus
Tenable Nessus	AlmaLinux 8 : kernel (ALSA-2024:5101)	9 Aug 202400:00	–	nessus
Tenable Nessus	AlmaLinux 8 : kernel-rt (ALSA-2024:5102)	9 Aug 202400:00	–	nessus
Tenable Nessus	Debian dla-3840 : hyperv-daemons - security update	27 Jun 202400:00	–	nessus
Tenable Nessus	Debian dsa-5730 : affs-modules-5.10.0-29-4kc-malta-di - security update	16 Jul 202400:00	–	nessus

NVD

Vulners

CNA

Node

linux linux_kernelRange2.6.13–4.19.316

linux linux_kernelRange4.20–5.4.278

linux linux_kernelRange5.5–5.10.219

linux linux_kernelRange5.11–5.15.161

linux linux_kernelRange5.16–6.1.93

linux linux_kernelRange6.2–6.6.33

linux linux_kernelRange6.7–6.8.12

linux linux_kernelRange6.9–6.9.3

linux linux_kernelMatch2.6.12-

linux linux_kernelMatch2.6.12rc2

linux linux_kernelMatch2.6.12rc3

linux linux_kernelMatch2.6.12rc4

linux linux_kernelMatch2.6.12rc5

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/unix/af_unix.c"
    ],
    "versions": [
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "fca6072e1a7b1e709ada5604b951513b89b4bd0a",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "de6641d213373fbde9bbdd7c4b552254bc9f82fe",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "4d51845d734a4c5d079e56e0916f936a55e15055",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "9aa8773abfa0e954136875b4cbf2df4cf638e8a5",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "8299e4d778f664b31b67cf4cf3d5409de2ecb92c",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "0688d4e499bee3f2749bca27329bd128686230cb",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "a4c88072abcaca593cefe70f90e9d3707526e8f9",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "a52fa2addfcccc2c5a0217fd45562605088c018b",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
        "lessThan": "540bf24fba16b88c1b3b9353927204b4f1074e25",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/unix/af_unix.c"
    ],
    "versions": [
      {
        "version": "2.6.12",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "2.6.12",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "4.19.316",
        "lessThanOrEqual": "4.19.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.4.278",
        "lessThanOrEqual": "5.4.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.10.219",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.15.161",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.93",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.33",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.8.12",
        "lessThanOrEqual": "6.8.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.9.3",
        "lessThanOrEqual": "6.9.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.10",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/0688d4e499bee3f2749bca27329bd128686230cb
git	www.git.kernel.org/stable/c/9aa8773abfa0e954136875b4cbf2df4cf638e8a5
git	www.git.kernel.org/stable/c/de6641d213373fbde9bbdd7c4b552254bc9f82fe
git	www.git.kernel.org/stable/c/a52fa2addfcccc2c5a0217fd45562605088c018b
git	www.git.kernel.org/stable/c/540bf24fba16b88c1b3b9353927204b4f1074e25
git	www.git.kernel.org/stable/c/4d51845d734a4c5d079e56e0916f936a55e15055
git	www.git.kernel.org/stable/c/8299e4d778f664b31b67cf4cf3d5409de2ecb92c
git	www.git.kernel.org/stable/c/fca6072e1a7b1e709ada5604b951513b89b4bd0a
git	www.git.kernel.org/stable/c/a4c88072abcaca593cefe70f90e9d3707526e8f9
cert-portal	www.cert-portal.siemens.com/productcert/html/ssa-613116.html

Parameter	Position	Path	Description	CWE
sk_shutdown	nested	net/unix/af_unix.c:640	Data race between unix_release_sock (writer) and unix_stream_sendmsg (reader) on sk->sk_shutdown in af_unix path, leading to a KCSAN-like hazard.	CWE-362
WRITE_ONCE	nested	net/unix/af_unix.c:640	Data race between unix_release_sock (writer) and unix_stream_sendmsg (reader) on sk->sk_shutdown in af_unix path, leading to a KCSAN-like hazard.	CWE-362
sk_shutdown	nested	net/unix/af_unix.c:2273	Reader path unix_stream_sendmsg reads sk->sk_shutdown without atomic protection, causing a data race with concurrent writer in unix_release_sock/unix_release.	CWE-362
read	nested	net/unix/af_unix.c:2273	Reader path unix_stream_sendmsg reads sk->sk_shutdown without atomic protection, causing a data race with concurrent writer in unix_release_sock/unix_release.	CWE-362

12 May 2026 12:16Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.14.7

EPSS0.00015

SSVC

CWE-362