CVE-2024-36961
- ULN >
- Oracle Linux CVE repository >
- CVE-2024-36961
CVE Details
| Release Date: | 2024-06-03 |
Description
In the Linux kernel, the following vulnerability has been resolved:\nthermal/debugfs: Fix two locking issues with thermal zone debug\nWith the current thermal zone locking arrangement in the debugfs code,\nuser space can open the 'mitigations' file for a thermal zone before\nthe zone's debugfs pointer is set which will result in a NULL pointer\ndereference in tze_seq_start().\nMoreover, thermal_debug_tz_remove() is not called under the thermal\nzone lock, so it can run in parallel with the other functions accessing\nthe thermal zone's struct thermal_debugfs object. Then, it may clear\ntz->debugfs after one of those functions has checked it and the\nstruct thermal_debugfs object may be freed prematurely.\nTo address the first problem, pass a pointer to the thermal zone's\nstruct thermal_debugfs object to debugfs_create_file() in\nthermal_debug_tz_add() and make tze_seq_start(), tze_seq_next(),\ntze_seq_stop(), and tze_seq_show() retrieve it from s->private\ninstead of a pointer to the thermal zone object. This will ensure\nthat tz_debugfs will be valid across the 'mitigations' file accesses\nuntil thermal_debugfs_remove_id() called by thermal_debug_tz_remove()\nremoves that file.\nTo address the second problem, use tz->lock in thermal_debug_tz_remove()\naround the tz->debugfs value check (in case the same thermal zone is\nremoved at the same time in two different threads) and its reset to NULL.\nCc :6.8+
See more information about CVE-2024-36961 from MITRE CVE dictionary and NIST NVD
CVSS Scoring
NOTE: The following CVSS v3.1 metrics and score provided are preliminary and subject to review.
| Base Score: | 4.4 | CVSS Vector: | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H |
| Attack Vector: | Local network | Attack Complexity: | Low |
| Privileges Required: | High | User Interaction: | None |
| Scope: | Unchanged | Confidentiality Impact: | None |
| Integrity Impact: | None | Availability Impact: | High |
Errata information
| Platform | Errata | Release Date |
| Oracle Linux version 9 (kernel) | ELSA-2024-9315 | 2024-11-14 |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:
- Oracle customers - enter a support request
- Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process
