Release Date: | 2024-03-18 |
Impact: | Low |
In the Linux kernel, the following vulnerability has been resolved:

ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work

idev->mc_ifc_count can be written over without proper locking.

Originally found by syzbot [1], fix this issue by encapsulating calls
to mld_ifc_stop_work() (and mld_gq_stop_work() for good measure) with
mutex_lock() and mutex_unlock() accordingly as these functions
should only be called with mc_lock per their declarations.

[1]
BUG: KCSAN: data-race in ipv6_mc_down / mld_ifc_work

write to 0xffff88813a80c832 of 1 bytes by task 3771 on cpu 0:
mld_ifc_stop_work net/ipv6/mcast.c:1080 [inline]
ipv6_mc_down+0x10a/0x280 net/ipv6/mcast.c:2725
addrconf_ifdown+0xe32/0xf10 net/ipv6/addrconf.c:3949
addrconf_notify+0x310/0x980
notifier_call_chain kernel/notifier.c:93 [inline]
raw_notifier_call_chain+0x6b/0x1c0 kernel/notifier.c:461
__dev_notify_flags+0x205/0x3d0
dev_change_flags+0xab/0xd0 net/core/dev.c:8685
do_setlink+0x9f6/0x2430 net/core/rtnetlink.c:2916
rtnl_group_changelink net/core/rtnetlink.c:3458 [inline]
__rtnl_newlink net/core/rtnetlink.c:3717 [inline]
rtnl_newlink+0xbb3/0x1670 net/core/rtnetlink.c:3754
rtnetlink_rcv_msg+0x807/0x8c0 net/core/rtnetlink.c:6558
netlink_rcv_skb+0x126/0x220 net/netlink/af_netlink.c:2545
rtnetlink_rcv+0x1c/0x20 net/core/rtnetlink.c:6576
netlink_unicast_kernel net/netlink/af_netlink.c:1342 [inline]
netlink_unicast+0x589/0x650 net/netlink/af_netlink.c:1368
netlink_sendmsg+0x66e/0x770 net/netlink/af_netlink.c:1910
...

write to 0xffff88813a80c832 of 1 bytes by task 22 on cpu 1:
mld_ifc_work+0x54c/0x7b0 net/ipv6/mcast.c:2653
process_one_work kernel/workqueue.c:2627 [inline]
process_scheduled_works+0x5b8/0xa30 kernel/workqueue.c:2700
worker_thread+0x525/0x730 kernel/workqueue.c:2781
...
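Added example, not part of this advisory or of the kernel patch: a userspace C model of why the stop path has to hold mc_lock. The names idev_model, ifc_work, replay_unlocked_stop and run_locked_stop are hypothetical, and the worker's decrement is an assumption of the model; the report above only shows that both paths write the same byte.

```c
#include <pthread.h>
#include <stdio.h>
/* Userspace model (assumption): only the fields the race involves. */
struct idev_model {
    pthread_mutex_t mc_lock;
    unsigned char mc_ifc_count; /* 1-byte field, as in the KCSAN report */
};

/* Worker side (assumed shape): read-modify-write under mc_lock. */
static void *ifc_work(void *arg)
{
    struct idev_model *idev = arg;
    pthread_mutex_lock(&idev->mc_lock);
    if (idev->mc_ifc_count)
        idev->mc_ifc_count--;
    pthread_mutex_unlock(&idev->mc_lock);
    return NULL;
}

/* Pre-fix shape: unlocked stop; one bad interleaving replayed by hand. */
static unsigned char replay_unlocked_stop(unsigned char start)
{
    unsigned char count = start;
    unsigned char seen = count;            /* worker loads the counter */
    count = 0;                             /* down path: unlocked stop */
    if (seen)
        count = (unsigned char)(seen - 1); /* worker stores stale value */
    return count;                          /* non-zero: the stop was lost */
}

/* Post-fix shape: stop under mc_lock is ordered before or after the worker. */
static unsigned char run_locked_stop(unsigned char start)
{
    struct idev_model idev = { PTHREAD_MUTEX_INITIALIZER, start };
    pthread_t worker;
    if (pthread_create(&worker, NULL, ifc_work, &idev) != 0)
        return start; /* could not start the worker thread */
    pthread_mutex_lock(&idev.mc_lock);
    idev.mc_ifc_count = 0;
    pthread_mutex_unlock(&idev.mc_lock);
    pthread_join(worker, NULL);
    return idev.mc_ifc_count;
}

int main(void)
{
    printf("%d %d\n", replay_unlocked_stop(3), run_locked_stop(3));
    return 0;
}
```

Build with cc -pthread. In the replayed interleaving the counter the stop path cleared comes back as a non-zero value, while the locked variant always ends at 0 whichever side wins the lock first.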
See more information about CVE-2024-26631 from the MITRE CVE dictionary and NIST NVD.
NOTE: The CVSS metrics and score provided below are preliminary and subject to review.
Base Score: | 2.5 |
Vector String: | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L |
Version: | 3.1 |
Attack Vector: | Local |
Attack Complexity: | High |
Privileges Required: | Low |
User Interaction: | None |
Scope: | Unchanged |
Confidentiality Impact: | None |
Integrity Impact: | None |
Availability Impact: | Low |
Platform | Errata | Release Date |
Oracle Linux version 9 (kernel) | ELSA-2024-9315 | 2024-11-14 |