CVE-2024-27419

MEDIUM

Linux Kernel - Info Disclosure

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: netrom: Fix data-races around sysctl_net_busy_read We need to protect the reader reading the sysctl value because the value can be changed concurrently.

References (10)

[Patch] https://git.kernel.org/stable/c/0866afaff19d8460308b022345ed116a12b1d0e1

[Patch] https://git.kernel.org/stable/c/16d71319e29d5825ab53f263b59fdd8dc2d60ad4

[Patch] https://git.kernel.org/stable/c/34cab94f7473e7b09f5205d4583fb5096cb63b5b

[Patch] https://git.kernel.org/stable/c/43464808669ba9d23996f0b6d875450191687caf

[Patch] https://git.kernel.org/stable/c/bbf950a6e96a91cf8cf0c71117b94ed3fafc9dd3

[Patch] https://git.kernel.org/stable/c/d380ce70058a4ccddc3e5f5c2063165dc07672c6

[Patch] https://git.kernel.org/stable/c/d623fd5298d95b65d27ef5a618ebf39541074856

[Patch] https://git.kernel.org/stable/c/f9055fa2b2931261d5f89948ee5bc315b6a22d4a

[Third Party Advisory] https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

[Third Party Advisory] https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Scores

CVSS v3 4.7

EPSS 0.0001

EPSS Percentile 1.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-362

Status published

Affected Products (21)

linux/linux_kernel < 4.19.310

linux/linux_kernel

debian/debian_linux

linux/Kernel < 4.19.310linux

... and 6 more

Timeline

Published May 17, 2024

Tracked Since Feb 18, 2026