CVE-2024-36972

🗓️ 12 Jun 2024 00:47:35Reported by redhat.comType

In Linux kernel, resolved vulnerability af_unix: Update unix_sk(sk)->oob_skb under sk_receive_queue lock. Fix race between __unix_gc() and queue_oob(). To fix, update unix_sk(sk)->oob_skb under sk_receive_queue's lock

Reporter	Title	Published	Views	Family All 116
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-683)	6 Aug 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-047)	17 Aug 202400:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: kernel (CVE-2024-36972)	22 Jan 202600:00	–	nessus
Tenable Nessus	Photon OS 5.0: Linux PHSA-2024-5.0-0305	24 Jul 202400:00	–	nessus
Tenable Nessus	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2571-1)	23 Jul 202400:00	–	nessus
Tenable Nessus	SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2896-1)	14 Aug 202400:00	–	nessus
Tenable Nessus	SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2973-1)	21 Aug 202400:00	–	nessus
Tenable Nessus	SUSE SLES15 Security Update : kernel RT (Live Patch 0 for SLE 15 SP6) (SUSE-SU-2025:02821-1)	19 Aug 202500:00	–	nessus
Tenable Nessus	Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6999-1)	11 Sep 202400:00	–	nessus
Tenable Nessus	Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6999-2)	23 Sep 202400:00	–	nessus

Source	Link
cve	www.cve.org/CVERecord
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-36972
lore	www.lore.kernel.org/linux-cve-announce/[email protected]/T
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

21 Nov 2024 15:53Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.15.5

EPSS0.00096

CWE-476