Lucene search

LinuxCVE-2024-42250

HistoryAug 07, 2024 - 4:15 p.m.

CVE-2024-42250

2024-08-0716:15:47

CWE-667

Linux

web.nvd.nist.gov

linux kernel

cachefiles

vulnerability

resolved

missing lock protection

poll routine

xarray

iteration

rcu read lock

spinlock

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.2

Confidence

Low

EPSS

Percentile

5.0%

JSON

In the Linux kernel, the following vulnerability has been resolved:

cachefiles: add missing lock protection when polling

Add missing lock protection in poll routine when iterating xarray,
otherwise:

Even with RCU read lock held, only the slot of the radix tree is
ensured to be pinned there, while the data structure (e.g. struct
cachefiles_req) stored in the slot has no such guarantee. The poll
routine will iterate the radix tree and dereference cachefiles_req
accordingly. Thus RCU read lock is not adequate in this case and
spinlock is needed here.

Affected configurations

Nvd

Vulners

Node

linuxlinux_kernelRange6.8–6.9.10

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/cachefiles/daemon.c"
    ],
    "versions": [
      {
        "version": "0e19a18f998d",
        "lessThan": "97cfd5e20ddc",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "189438643427",
        "lessThan": "6bb6bd3dd6f3",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "b817e22b2e91",
        "lessThan": "8eadcab7f3dd",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "b817e22b2e91",
        "lessThan": "cf5bb09e742a",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/cachefiles/daemon.c"
    ],
    "versions": [
      {
        "version": "6.8",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.8",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.9.10",
        "lessThanOrEqual": "6.9.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.10",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]