6.3 CVE-2024-41012
Patch
In the Linux kernel, the following vulnerability has been resolved:
filelock: Remove locks reliably when fcntl/close race is detected
When fcntl_setlk() races with close(), it removes the created lock with
do_lock_file_wait().
However, LSMs can allow the first do_lock_file_wait() that created the lock
while denying the second do_lock_file_wait() that tries to remove the lock.
Separately, posix_lock_file() could also fail to
remove a lock due to GFP_KERNEL allocation failure (when splitting a range
in the middle).
After the bug has been triggered, use-after-free reads will occur in
lock_get_status() when userspace reads /proc/locks. This can likely be used
to read arbitrary kernel memory, but can't corrupt kernel memory.
Fix it by calling locks_remove_posix() instead, which is designed to
reliably get rid of POSIX locks associated with the given file and
files_struct and is also used by filp_flush().
https://nvd.nist.gov/vuln/detail/CVE-2024-41012
Categories
CWE-416
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67 Patch
af854a3a-2127-422b-91ae-364da2661108 Patch
CPE
cpe | start | end |
---|---|---|
Configuration 1 | ||
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 2.6.13 | < 4.19.319 |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 4.20 | < 5.4.281 |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 5.5 | < 5.10.223 |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 5.11 | < 5.15.164 |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 5.16 | < 6.1.101 |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 6.2 | < 6.6.42 |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 6.7 | < 6.9.9 |
cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.10:rc5:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.10:rc6:*:*:*:*:*:* |
REMEDIATION
Patch
EXPLOITS
Exploit-db.com
id | description | date | |
---|---|---|---|
No known exploits |
POC Github
Url |
---|
Other Nist (github, ...)
Url |
---|
No known exploits |
CAPEC
Common Attack Pattern Enumerations and Classifications
id | description | severity |
---|---|---|
No entry |
Cybersecurity needs ?
Strengthen software security from the outset with our DevSecOps expertise
Integrate security right from the start of the software development cycle for more robust applications and greater customer confidence.
Our team of DevSecOps experts can help you secure your APIs, data pipelines, CI/CD chains, Docker containers and Kubernetes deployments.