CVE-2024-41012 filelock: Remove locks reliably when fcntl/close race is detected

In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntlsetlk races with close, it removes the created lock with dolockfilewait. However, LSMs can allow the first dolockfilewait that created the lock while...

CVE-2024-41012

CVE-2024-41012 (Linux kernel) describes a filelock race where fcntl_setlk() races with close() and a second path in posix_lock_file() could fail to remove a lock. In certain LSMs this could let a created lock survive a competing removal, enabling use-after-free reads in /proc/locks and potentiall...

CVE-2024-41012

In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntlsetlk races with close, it removes the created lock with dolockfilewait. However, LSMs can allow the first dolockfilewait that created the lock while...

Linux Kernel locks_remove_flock()本地竞争条件漏洞

BUGTRAQ ID: 33237 CVECAN ID: CVE-2008-4307 Linux Kernel是开放源码操作系统Linux所使用的内核。 RHEL4/5内核处理POSIX锁定时fcntl调用可能与关闭相同文件描述符出现竞争，本地攻击者可以利用这个漏洞导致拒绝服务或获得权限提升。 fcntl以如下方式获得POSIX锁定： sysfcntl fget dofcntl fcntlsetlk fput if!count fput locksremoveflock fcntlsetlk调用可能阻塞很长时间，允许同一进程中的其他线程关闭文件描述符： sysclose filpclos...