CVE-2024-27419

MEDIUM

Linux Kernel Data Race in netrom sysctl_net_busy_read

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: netrom: Fix data-races around sysctl_net_busy_read We need to protect the reader reading the sysctl value because the value can be changed concurrently.

References (11)

Core 11

Core References

Third Party Advisory

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Third Party Advisory

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Patch

https://git.kernel.org/stable/c/d623fd5298d95b65d27ef5a618ebf39541074856

Patch

https://git.kernel.org/stable/c/f9055fa2b2931261d5f89948ee5bc315b6a22d4a

Patch

https://git.kernel.org/stable/c/bbf950a6e96a91cf8cf0c71117b94ed3fafc9dd3

Patch

https://git.kernel.org/stable/c/0866afaff19d8460308b022345ed116a12b1d0e1

Patch

https://git.kernel.org/stable/c/43464808669ba9d23996f0b6d875450191687caf

Patch

https://git.kernel.org/stable/c/34cab94f7473e7b09f5205d4583fb5096cb63b5b

Patch

https://git.kernel.org/stable/c/16d71319e29d5825ab53f263b59fdd8dc2d60ad4

Patch

https://git.kernel.org/stable/c/d380ce70058a4ccddc3e5f5c2063165dc07672c6

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Scores

CVSS v3 4.7

EPSS 0.0001

EPSS Percentile 1.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-362

Status published

Products (29)

debian/debian_linux 10.0

linux/Kernel 2.6.12 - 4.19.310linux

linux/Kernel 4.20.0 - 5.4.272linux

linux/Kernel 5.11.0 - 5.15.152linux

linux/Kernel 5.16.0 - 6.1.82linux

linux/Kernel 5.5.0 - 5.10.213linux

linux/Kernel 6.2.0 - 6.6.22linux

linux/Kernel 6.7.0 - 6.7.10linux

Linux/Linux < 2.6.12

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 0866afaff19d8460308b022345ed116a12b1d0e1

... and 19 more

Published May 17, 2024

Tracked Since Feb 18, 2026