kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()

A vulnerability was found in the Linux kernel's networking subsystem in the actapi implementation within the tcfidrcheckalloc function, which lead to a possible infinite loop when multiple actions with the same index are added, causing the second request to block indefinitely while holding the...

CVE-2024-40995 net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: fix possible infinite loop in tcfidrcheckalloc syzbot found hanging tasks waiting on rtnllock 1 A reproducer is available in the syzbot bug. When a request to add multiple actions with the same index is sent, t...

CVE-2024-40995 net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: fix possible infinite loop in tcfidrcheckalloc syzbot found hanging tasks waiting on rtnllock 1 A reproducer is available in the syzbot bug. When a request to add multiple actions with the same index is sent, t...

CVE-2024-40995

CVE-2024-40995 affects the Linux kernel net/sched: act_api where repeated adds of actions with the same index could hang by causing an infinite loop in tcf_idr_check_alloc. The fix returns -EAGAIN to prevent the loop while preserving documented behavior. Syzbot reported tasks blocked waiting on r...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a potential infinite loop in the tcfidrcheckalloc function of the net/sched:actapi component...