3 matches found
CVE-2024-36972
CVE-2024-36972 : In the Linux kernel, a race between __unix_gc() and queue_oob() can occur for unix sockets if MSG_OOB is queued while unix_sk(sk)->oob_skb is being garbage-collected. The code previously touched oob_skb without holding the sk_receive_queue lock, allowing a concurrent update to...
CVE-2024-50155
CVE-2024-50155 affects the Linux kernel’s netdevsim driver, specifically the nsim_dev_trap_report_work() path. The issue arises from not using conditional rescheduling in the work that handles trap reports, which can cause a task to be blocked for long periods (as seen in syzbot output). The conn...
CVE-2024-26780
CVE-2024-26780 | Linux kernel (af_unix) — The vulnerability centers on a task hang during purging oob_skb in GC. The root cause is that list_for_each_entry_safe() is not actually safe when a single skb has references from multiple sockets; freeing such an skb can unlink current and next sockets i...