CVE-2024-26862 - Vulnerability Details

Vendors	Products
Redhat	Enterprise Linux

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 9
kernel-0:5.14.0-503.11.1.el9_5	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:9315	2024-11-12T00:00:00Z
kernel-0:5.14.0-503.11.1.el9_5	cpe:/o:redhat:enterprise_linux:9	RHSA-2024:9315	2024-11-12T00:00:00Z

Link	Providers
https://git.kernel.org/stable/c/2c02c5059c78a52d170bdee4a369b470de6deb37
https://git.kernel.org/stable/c/68e84120319d4fc298fcdb14cf0bea6a0f64ffbd
https://git.kernel.org/stable/c/6ebfad33161afacb3e1e59ed1c2feefef70f9f97
https://git.kernel.org/stable/c/84c510411e321caff3c07e6cd0f917f06633cfc0
https://git.kernel.org/stable/c/8b1e273c6afcf00d3c40a54ada7d6aac1b503b97
https://git.kernel.org/stable/c/d35b62c224e70797f8a1c37fe9bc4b3e294b7560
https://git.kernel.org/stable/c/ee413f30ec4fe94a0bdf32c8f042cb06fa913234
https://git.kernel.org/stable/c/ef7eed7e11d23337310ecc2c014ecaeea52719c5
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lore.kernel.org/linux-cve-announce/2024041736-CVE-2024-26862-2605@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-26862
https://www.cve.org/CVERecord?id=CVE-2024-26862

Type	Values Removed	Values Added
References		https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat enterprise Linux
CPEs		cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9
Vendors & Products		Redhat Redhat enterprise Linux

Type	Values Removed	Values Added
References	https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Show plain JSON

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-26862", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.184Z", "datePublished": "2024-04-17T10:27:25.634Z", "dateUpdated": "2025-05-04T08:58:13.163Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:58:13.163Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npacket: annotate data-races around ignore_outgoing\n\nignore_outgoing is read locklessly from dev_queue_xmit_nit()\nand packet_getsockopt()\n\nAdd appropriate READ_ONCE()/WRITE_ONCE() annotations.\n\nsyzbot reported:\n\nBUG: KCSAN: data-race in dev_queue_xmit_nit / packet_setsockopt\n\nwrite to 0xffff888107804542 of 1 bytes by task 22618 on cpu 0:\n packet_setsockopt+0xd83/0xfd0 net/packet/af_packet.c:4003\n do_sock_setsockopt net/socket.c:2311 [inline]\n __sys_setsockopt+0x1d8/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0x66/0x80 net/socket.c:2340\n do_syscall_64+0xd3/0x1d0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nread to 0xffff888107804542 of 1 bytes by task 27 on cpu 1:\n dev_queue_xmit_nit+0x82/0x620 net/core/dev.c:2248\n xmit_one net/core/dev.c:3527 [inline]\n dev_hard_start_xmit+0xcc/0x3f0 net/core/dev.c:3547\n __dev_queue_xmit+0xf24/0x1dd0 net/core/dev.c:4335\n dev_queue_xmit include/linux/netdevice.h:3091 [inline]\n batadv_send_skb_packet+0x264/0x300 net/batman-adv/send.c:108\n batadv_send_broadcast_skb+0x24/0x30 net/batman-adv/send.c:127\n batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [inline]\n batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline]\n batadv_iv_send_outstanding_bat_ogm_packet+0x3f0/0x4b0 net/batman-adv/bat_iv_ogm.c:1700\n process_one_work kernel/workqueue.c:3254 [inline]\n process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335\n worker_thread+0x526/0x730 kernel/workqueue.c:3416\n kthread+0x1d1/0x210 kernel/kthread.c:388\n ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n\nvalue changed: 0x00 -> 0x01\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 1 PID: 27 Comm: kworker/u8:1 Tainted: G        W          6.8.0-syzkaller-08073-g480e035fc4c7 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024\nWorkqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/core/dev.c", "net/packet/af_packet.c"], "versions": [{"version": "fa788d986a3aac5069378ed04697bd06f83d3488", "lessThan": "84c510411e321caff3c07e6cd0f917f06633cfc0", "status": "affected", "versionType": "git"}, {"version": "fa788d986a3aac5069378ed04697bd06f83d3488", "lessThan": "68e84120319d4fc298fcdb14cf0bea6a0f64ffbd", "status": "affected", "versionType": "git"}, {"version": "fa788d986a3aac5069378ed04697bd06f83d3488", "lessThan": "d35b62c224e70797f8a1c37fe9bc4b3e294b7560", "status": "affected", "versionType": "git"}, {"version": "fa788d986a3aac5069378ed04697bd06f83d3488", "lessThan": "ef7eed7e11d23337310ecc2c014ecaeea52719c5", "status": "affected", "versionType": "git"}, {"version": "fa788d986a3aac5069378ed04697bd06f83d3488", "lessThan": "2c02c5059c78a52d170bdee4a369b470de6deb37", "status": "affected", "versionType": "git"}, {"version": "fa788d986a3aac5069378ed04697bd06f83d3488", "lessThan": "ee413f30ec4fe94a0bdf32c8f042cb06fa913234", "status": "affected", "versionType": "git"}, {"version": "fa788d986a3aac5069378ed04697bd06f83d3488", "lessThan": "8b1e273c6afcf00d3c40a54ada7d6aac1b503b97", "status": "affected", "versionType": "git"}, {"version": "fa788d986a3aac5069378ed04697bd06f83d3488", "lessThan": "6ebfad33161afacb3e1e59ed1c2feefef70f9f97", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/core/dev.c", "net/packet/af_packet.c"], "versions": [{"version": "4.20", "status": "affected"}, {"version": "0", "lessThan": "4.20", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.273", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.214", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.153", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.83", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.23", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.11", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.2", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.20", "versionEndExcluding": "5.4.273"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.20", "versionEndExcluding": "5.10.214"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.20", "versionEndExcluding": "5.15.153"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.20", "versionEndExcluding": "6.1.83"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.20", "versionEndExcluding": "6.6.23"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.20", "versionEndExcluding": "6.7.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.20", "versionEndExcluding": "6.8.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.20", "versionEndExcluding": "6.9"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/84c510411e321caff3c07e6cd0f917f06633cfc0"}, {"url": "https://git.kernel.org/stable/c/68e84120319d4fc298fcdb14cf0bea6a0f64ffbd"}, {"url": "https://git.kernel.org/stable/c/d35b62c224e70797f8a1c37fe9bc4b3e294b7560"}, {"url": "https://git.kernel.org/stable/c/ef7eed7e11d23337310ecc2c014ecaeea52719c5"}, {"url": "https://git.kernel.org/stable/c/2c02c5059c78a52d170bdee4a369b470de6deb37"}, {"url": "https://git.kernel.org/stable/c/ee413f30ec4fe94a0bdf32c8f042cb06fa913234"}, {"url": "https://git.kernel.org/stable/c/8b1e273c6afcf00d3c40a54ada7d6aac1b503b97"}, {"url": "https://git.kernel.org/stable/c/6ebfad33161afacb3e1e59ed1c2feefef70f9f97"}], "title": "packet: annotate data-races around ignore_outgoing", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-17T17:41:30.819714Z", "id": "CVE-2024-26862", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-17T17:48:16.027Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:21:04.133Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/84c510411e321caff3c07e6cd0f917f06633cfc0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/68e84120319d4fc298fcdb14cf0bea6a0f64ffbd", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d35b62c224e70797f8a1c37fe9bc4b3e294b7560", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ef7eed7e11d23337310ecc2c014ecaeea52719c5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2c02c5059c78a52d170bdee4a369b470de6deb37", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ee413f30ec4fe94a0bdf32c8f042cb06fa913234", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8b1e273c6afcf00d3c40a54ada7d6aac1b503b97", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6ebfad33161afacb3e1e59ed1c2feefef70f9f97", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

cveMetadata : { »

cveId : CVE-2024-26862 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-02-19T14:20:24.184Z (string)

datePublished : 2024-04-17T10:27:25.634Z (string)

dateUpdated : 2025-05-04T08:58:13.163Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T08:58:13.163Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignore_outgoing ignore_outgoing is read locklessly from dev_queue_xmit_nit() and packet_getsockopt() Add appropriate READ_ONCE()/WRITE_ONCE() annotations. syzbot reported: BUG: KCSAN: data-race in dev_queue_xmit_nit / packet_setsockopt write to 0xffff888107804542 of 1 bytes by task 22618 on cpu 0: packet_setsockopt+0xd83/0xfd0 net/packet/af_packet.c:4003 do_sock_setsockopt net/socket.c:2311 [inline] __sys_setsockopt+0x1d8/0x250 net/socket.c:2334 __do_sys_setsockopt net/socket.c:2343 [inline] __se_sys_setsockopt net/socket.c:2340 [inline] __x64_sys_setsockopt+0x66/0x80 net/socket.c:2340 do_syscall_64+0xd3/0x1d0 entry_SYSCALL_64_after_hwframe+0x6d/0x75 read to 0xffff888107804542 of 1 bytes by task 27 on cpu 1: dev_queue_xmit_nit+0x82/0x620 net/core/dev.c:2248 xmit_one net/core/dev.c:3527 [inline] dev_hard_start_xmit+0xcc/0x3f0 net/core/dev.c:3547 __dev_queue_xmit+0xf24/0x1dd0 net/core/dev.c:4335 dev_queue_xmit include/linux/netdevice.h:3091 [inline] batadv_send_skb_packet+0x264/0x300 net/batman-adv/send.c:108 batadv_send_broadcast_skb+0x24/0x30 net/batman-adv/send.c:127 batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [inline] batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline] batadv_iv_send_outstanding_bat_ogm_packet+0x3f0/0x4b0 net/batman-adv/bat_iv_ogm.c:1700 process_one_work kernel/workqueue.c:3254 [inline] process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335 worker_thread+0x526/0x730 kernel/workqueue.c:3416 kthread+0x1d1/0x210 kernel/kthread.c:388 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 value changed: 0x00 -> 0x01 Reported by Kernel Concurrency Sanitizer on: CPU: 1 PID: 27 Comm: kworker/u8:1 Tainted: G W 6.8.0-syzkaller-08073-g480e035fc4c7 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : net/core/dev.c (string)

1 : net/packet/af_packet.c (string)

]

versions : [ »

0 : { »

version : fa788d986a3aac5069378ed04697bd06f83d3488 (string)

lessThan : 84c510411e321caff3c07e6cd0f917f06633cfc0 (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : fa788d986a3aac5069378ed04697bd06f83d3488 (string)

lessThan : 68e84120319d4fc298fcdb14cf0bea6a0f64ffbd (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : fa788d986a3aac5069378ed04697bd06f83d3488 (string)

lessThan : d35b62c224e70797f8a1c37fe9bc4b3e294b7560 (string)

status : affected (string)

versionType : git (string)

}

3 : { »

version : fa788d986a3aac5069378ed04697bd06f83d3488 (string)

lessThan : ef7eed7e11d23337310ecc2c014ecaeea52719c5 (string)

status : affected (string)

versionType : git (string)

}

4 : { »

version : fa788d986a3aac5069378ed04697bd06f83d3488 (string)

lessThan : 2c02c5059c78a52d170bdee4a369b470de6deb37 (string)

status : affected (string)

versionType : git (string)

}

5 : { »

version : fa788d986a3aac5069378ed04697bd06f83d3488 (string)

lessThan : ee413f30ec4fe94a0bdf32c8f042cb06fa913234 (string)

status : affected (string)

versionType : git (string)

}

6 : { »

version : fa788d986a3aac5069378ed04697bd06f83d3488 (string)

lessThan : 8b1e273c6afcf00d3c40a54ada7d6aac1b503b97 (string)

status : affected (string)

versionType : git (string)

}

7 : { »

version : fa788d986a3aac5069378ed04697bd06f83d3488 (string)

lessThan : 6ebfad33161afacb3e1e59ed1c2feefef70f9f97 (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : affected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : net/core/dev.c (string)

1 : net/packet/af_packet.c (string)

]

versions : [ »

0 : { »

version : 4.20 (string)

status : affected (string)

}

1 : { »

version : 0 (string)

lessThan : 4.20 (string)

status : unaffected (string)

versionType : semver (string)

}

2 : { »

version : 5.4.273 (string)

lessThanOrEqual : 5.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

3 : { »

version : 5.10.214 (string)

lessThanOrEqual : 5.10.* (string)

status : unaffected (string)

versionType : semver (string)

}

4 : { »

version : 5.15.153 (string)

lessThanOrEqual : 5.15.* (string)

status : unaffected (string)

versionType : semver (string)

}

5 : { »

version : 6.1.83 (string)

lessThanOrEqual : 6.1.* (string)

status : unaffected (string)

versionType : semver (string)

}

6 : { »

version : 6.6.23 (string)

lessThanOrEqual : 6.6.* (string)

status : unaffected (string)

versionType : semver (string)

}

7 : { »

version : 6.7.11 (string)

lessThanOrEqual : 6.7.* (string)

status : unaffected (string)

versionType : semver (string)

}

8 : { »

version : 6.8.2 (string)

lessThanOrEqual : 6.8.* (string)

status : unaffected (string)

versionType : semver (string)

}

9 : { »

version : 6.9 (string)

lessThanOrEqual : * (string)

status : unaffected (string)

versionType : original_commit_for_fix (string)

}

]

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

operator : OR (string)

negate : false (boolean)

cpeMatch : [ »

0 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.20 (string)

versionEndExcluding : 5.4.273 (string)

}

1 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.20 (string)

versionEndExcluding : 5.10.214 (string)

}

2 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.20 (string)

versionEndExcluding : 5.15.153 (string)

}

3 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.20 (string)

versionEndExcluding : 6.1.83 (string)

}

4 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.20 (string)

versionEndExcluding : 6.6.23 (string)

}

5 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.20 (string)

versionEndExcluding : 6.7.11 (string)

}

6 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.20 (string)

versionEndExcluding : 6.8.2 (string)

}

7 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.20 (string)

versionEndExcluding : 6.9 (string)

}

]

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/84c510411e321caff3c07e6cd0f917f06633cfc0 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/68e84120319d4fc298fcdb14cf0bea6a0f64ffbd (string)

}

2 : { »

url : https://git.kernel.org/stable/c/d35b62c224e70797f8a1c37fe9bc4b3e294b7560 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/ef7eed7e11d23337310ecc2c014ecaeea52719c5 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/2c02c5059c78a52d170bdee4a369b470de6deb37 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/ee413f30ec4fe94a0bdf32c8f042cb06fa913234 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/8b1e273c6afcf00d3c40a54ada7d6aac1b503b97 (string)

}

7 : { »

url : https://git.kernel.org/stable/c/6ebfad33161afacb3e1e59ed1c2feefef70f9f97 (string)

}

]

title : packet: annotate data-races around ignore_outgoing (string)

x_generator : { »

engine : bippy-1.2.0 (string)

}

adp : [ »

0 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2024-06-17T17:41:30.819714Z (string)

id : CVE-2024-26862 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-06-17T17:48:16.027Z (string)

}

1 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T00:21:04.133Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/84c510411e321caff3c07e6cd0f917f06633cfc0 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/68e84120319d4fc298fcdb14cf0bea6a0f64ffbd (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/d35b62c224e70797f8a1c37fe9bc4b3e294b7560 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/ef7eed7e11d23337310ecc2c014ecaeea52719c5 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/2c02c5059c78a52d170bdee4a369b470de6deb37 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/ee413f30ec4fe94a0bdf32c8f042cb06fa913234 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/8b1e273c6afcf00d3c40a54ada7d6aac1b503b97 (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/6ebfad33161afacb3e1e59ed1c2feefef70f9f97 (string)

tags : [ »

0 : x_transferred (string)

]

}

8 : { »

url : https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

]

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/84c510411e321caff3c07e6cd0f917f06633cfc0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/68e84120319d4fc298fcdb14cf0bea6a0f64ffbd", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d35b62c224e70797f8a1c37fe9bc4b3e294b7560", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ef7eed7e11d23337310ecc2c014ecaeea52719c5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2c02c5059c78a52d170bdee4a369b470de6deb37", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ee413f30ec4fe94a0bdf32c8f042cb06fa913234", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8b1e273c6afcf00d3c40a54ada7d6aac1b503b97", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6ebfad33161afacb3e1e59ed1c2feefef70f9f97", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:21:04.133Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26862", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-17T17:41:30.819714Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-17T17:41:31.850Z"}}], "cna": {"title": "packet: annotate data-races around ignore_outgoing", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "fa788d986a3aac5069378ed04697bd06f83d3488", "lessThan": "84c510411e321caff3c07e6cd0f917f06633cfc0", "versionType": "git"}, {"status": "affected", "version": "fa788d986a3aac5069378ed04697bd06f83d3488", "lessThan": "68e84120319d4fc298fcdb14cf0bea6a0f64ffbd", "versionType": "git"}, {"status": "affected", "version": "fa788d986a3aac5069378ed04697bd06f83d3488", "lessThan": "d35b62c224e70797f8a1c37fe9bc4b3e294b7560", "versionType": "git"}, {"status": "affected", "version": "fa788d986a3aac5069378ed04697bd06f83d3488", "lessThan": "ef7eed7e11d23337310ecc2c014ecaeea52719c5", "versionType": "git"}, {"status": "affected", "version": "fa788d986a3aac5069378ed04697bd06f83d3488", "lessThan": "2c02c5059c78a52d170bdee4a369b470de6deb37", "versionType": "git"}, {"status": "affected", "version": "fa788d986a3aac5069378ed04697bd06f83d3488", "lessThan": "ee413f30ec4fe94a0bdf32c8f042cb06fa913234", "versionType": "git"}, {"status": "affected", "version": "fa788d986a3aac5069378ed04697bd06f83d3488", "lessThan": "8b1e273c6afcf00d3c40a54ada7d6aac1b503b97", "versionType": "git"}, {"status": "affected", "version": "fa788d986a3aac5069378ed04697bd06f83d3488", "lessThan": "6ebfad33161afacb3e1e59ed1c2feefef70f9f97", "versionType": "git"}], "programFiles": ["net/core/dev.c", "net/packet/af_packet.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.20"}, {"status": "unaffected", "version": "0", "lessThan": "4.20", "versionType": "semver"}, {"status": "unaffected", "version": "5.4.273", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.214", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.153", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.83", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.23", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.11", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8.2", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/core/dev.c", "net/packet/af_packet.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/84c510411e321caff3c07e6cd0f917f06633cfc0"}, {"url": "https://git.kernel.org/stable/c/68e84120319d4fc298fcdb14cf0bea6a0f64ffbd"}, {"url": "https://git.kernel.org/stable/c/d35b62c224e70797f8a1c37fe9bc4b3e294b7560"}, {"url": "https://git.kernel.org/stable/c/ef7eed7e11d23337310ecc2c014ecaeea52719c5"}, {"url": "https://git.kernel.org/stable/c/2c02c5059c78a52d170bdee4a369b470de6deb37"}, {"url": "https://git.kernel.org/stable/c/ee413f30ec4fe94a0bdf32c8f042cb06fa913234"}, {"url": "https://git.kernel.org/stable/c/8b1e273c6afcf00d3c40a54ada7d6aac1b503b97"}, {"url": "https://git.kernel.org/stable/c/6ebfad33161afacb3e1e59ed1c2feefef70f9f97"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npacket: annotate data-races around ignore_outgoing\n\nignore_outgoing is read locklessly from dev_queue_xmit_nit()\nand packet_getsockopt()\n\nAdd appropriate READ_ONCE()/WRITE_ONCE() annotations.\n\nsyzbot reported:\n\nBUG: KCSAN: data-race in dev_queue_xmit_nit / packet_setsockopt\n\nwrite to 0xffff888107804542 of 1 bytes by task 22618 on cpu 0:\n packet_setsockopt+0xd83/0xfd0 net/packet/af_packet.c:4003\n do_sock_setsockopt net/socket.c:2311 [inline]\n __sys_setsockopt+0x1d8/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0x66/0x80 net/socket.c:2340\n do_syscall_64+0xd3/0x1d0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nread to 0xffff888107804542 of 1 bytes by task 27 on cpu 1:\n dev_queue_xmit_nit+0x82/0x620 net/core/dev.c:2248\n xmit_one net/core/dev.c:3527 [inline]\n dev_hard_start_xmit+0xcc/0x3f0 net/core/dev.c:3547\n __dev_queue_xmit+0xf24/0x1dd0 net/core/dev.c:4335\n dev_queue_xmit include/linux/netdevice.h:3091 [inline]\n batadv_send_skb_packet+0x264/0x300 net/batman-adv/send.c:108\n batadv_send_broadcast_skb+0x24/0x30 net/batman-adv/send.c:127\n batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [inline]\n batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline]\n batadv_iv_send_outstanding_bat_ogm_packet+0x3f0/0x4b0 net/batman-adv/bat_iv_ogm.c:1700\n process_one_work kernel/workqueue.c:3254 [inline]\n process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335\n worker_thread+0x526/0x730 kernel/workqueue.c:3416\n kthread+0x1d1/0x210 kernel/kthread.c:388\n ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n\nvalue changed: 0x00 -> 0x01\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 1 PID: 27 Comm: kworker/u8:1 Tainted: G        W          6.8.0-syzkaller-08073-g480e035fc4c7 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024\nWorkqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet"}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:48:55.281Z"}}}, "cveMetadata": {"cveId": "CVE-2024-26862", "state": "PUBLISHED", "dateUpdated": "2024-12-19T08:48:55.281Z", "dateReserved": "2024-02-19T14:20:24.184Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-17T10:27:25.634Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/84c510411e321caff3c07e6cd0f917f06633cfc0 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/68e84120319d4fc298fcdb14cf0bea6a0f64ffbd (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/d35b62c224e70797f8a1c37fe9bc4b3e294b7560 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/ef7eed7e11d23337310ecc2c014ecaeea52719c5 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/2c02c5059c78a52d170bdee4a369b470de6deb37 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/ee413f30ec4fe94a0bdf32c8f042cb06fa913234 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/8b1e273c6afcf00d3c40a54ada7d6aac1b503b97 (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/6ebfad33161afacb3e1e59ed1c2feefef70f9f97 (string)

tags : [ »

0 : x_transferred (string)

]

}

8 : { »

url : https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T00:21:04.133Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2024-26862 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-06-17T17:41:30.819714Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-06-17T17:41:31.850Z (string)

}

]

cna : { »

title : packet: annotate data-races around ignore_outgoing (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : fa788d986a3aac5069378ed04697bd06f83d3488 (string)

lessThan : 84c510411e321caff3c07e6cd0f917f06633cfc0 (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : fa788d986a3aac5069378ed04697bd06f83d3488 (string)

lessThan : 68e84120319d4fc298fcdb14cf0bea6a0f64ffbd (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : fa788d986a3aac5069378ed04697bd06f83d3488 (string)

lessThan : d35b62c224e70797f8a1c37fe9bc4b3e294b7560 (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : fa788d986a3aac5069378ed04697bd06f83d3488 (string)

lessThan : ef7eed7e11d23337310ecc2c014ecaeea52719c5 (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : fa788d986a3aac5069378ed04697bd06f83d3488 (string)

lessThan : 2c02c5059c78a52d170bdee4a369b470de6deb37 (string)

versionType : git (string)

}

5 : { »

status : affected (string)

version : fa788d986a3aac5069378ed04697bd06f83d3488 (string)

lessThan : ee413f30ec4fe94a0bdf32c8f042cb06fa913234 (string)

versionType : git (string)

}

6 : { »

status : affected (string)

version : fa788d986a3aac5069378ed04697bd06f83d3488 (string)

lessThan : 8b1e273c6afcf00d3c40a54ada7d6aac1b503b97 (string)

versionType : git (string)

}

7 : { »

status : affected (string)

version : fa788d986a3aac5069378ed04697bd06f83d3488 (string)

lessThan : 6ebfad33161afacb3e1e59ed1c2feefef70f9f97 (string)

versionType : git (string)

}

]

programFiles : [ »

0 : net/core/dev.c (string)

1 : net/packet/af_packet.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 4.20 (string)

}

1 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 4.20 (string)

versionType : semver (string)

}

2 : { »

status : unaffected (string)

version : 5.4.273 (string)

versionType : semver (string)

lessThanOrEqual : 5.4.* (string)

}

3 : { »

status : unaffected (string)

version : 5.10.214 (string)

versionType : semver (string)

lessThanOrEqual : 5.10.* (string)

}

4 : { »

status : unaffected (string)

version : 5.15.153 (string)

versionType : semver (string)

lessThanOrEqual : 5.15.* (string)

}

5 : { »

status : unaffected (string)

version : 6.1.83 (string)

versionType : semver (string)

lessThanOrEqual : 6.1.* (string)

}

6 : { »

status : unaffected (string)

version : 6.6.23 (string)

versionType : semver (string)

lessThanOrEqual : 6.6.* (string)

}

7 : { »

status : unaffected (string)

version : 6.7.11 (string)

versionType : semver (string)

lessThanOrEqual : 6.7.* (string)

}

8 : { »

status : unaffected (string)

version : 6.8.2 (string)

versionType : semver (string)

lessThanOrEqual : 6.8.* (string)

}

9 : { »

status : unaffected (string)

version : 6.9 (string)

versionType : original_commit_for_fix (string)

lessThanOrEqual : * (string)

}

]

programFiles : [ »

0 : net/core/dev.c (string)

1 : net/packet/af_packet.c (string)

]

defaultStatus : affected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/84c510411e321caff3c07e6cd0f917f06633cfc0 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/68e84120319d4fc298fcdb14cf0bea6a0f64ffbd (string)

}

2 : { »

url : https://git.kernel.org/stable/c/d35b62c224e70797f8a1c37fe9bc4b3e294b7560 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/ef7eed7e11d23337310ecc2c014ecaeea52719c5 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/2c02c5059c78a52d170bdee4a369b470de6deb37 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/ee413f30ec4fe94a0bdf32c8f042cb06fa913234 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/8b1e273c6afcf00d3c40a54ada7d6aac1b503b97 (string)

}

7 : { »

url : https://git.kernel.org/stable/c/6ebfad33161afacb3e1e59ed1c2feefef70f9f97 (string)

}

]

x_generator : { »

engine : bippy-5f407fcff5a0 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignore_outgoing ignore_outgoing is read locklessly from dev_queue_xmit_nit() and packet_getsockopt() Add appropriate READ_ONCE()/WRITE_ONCE() annotations. syzbot reported: BUG: KCSAN: data-race in dev_queue_xmit_nit / packet_setsockopt write to 0xffff888107804542 of 1 bytes by task 22618 on cpu 0: packet_setsockopt+0xd83/0xfd0 net/packet/af_packet.c:4003 do_sock_setsockopt net/socket.c:2311 [inline] __sys_setsockopt+0x1d8/0x250 net/socket.c:2334 __do_sys_setsockopt net/socket.c:2343 [inline] __se_sys_setsockopt net/socket.c:2340 [inline] __x64_sys_setsockopt+0x66/0x80 net/socket.c:2340 do_syscall_64+0xd3/0x1d0 entry_SYSCALL_64_after_hwframe+0x6d/0x75 read to 0xffff888107804542 of 1 bytes by task 27 on cpu 1: dev_queue_xmit_nit+0x82/0x620 net/core/dev.c:2248 xmit_one net/core/dev.c:3527 [inline] dev_hard_start_xmit+0xcc/0x3f0 net/core/dev.c:3547 __dev_queue_xmit+0xf24/0x1dd0 net/core/dev.c:4335 dev_queue_xmit include/linux/netdevice.h:3091 [inline] batadv_send_skb_packet+0x264/0x300 net/batman-adv/send.c:108 batadv_send_broadcast_skb+0x24/0x30 net/batman-adv/send.c:127 batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [inline] batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline] batadv_iv_send_outstanding_bat_ogm_packet+0x3f0/0x4b0 net/batman-adv/bat_iv_ogm.c:1700 process_one_work kernel/workqueue.c:3254 [inline] process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335 worker_thread+0x526/0x730 kernel/workqueue.c:3416 kthread+0x1d1/0x210 kernel/kthread.c:388 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 value changed: 0x00 -> 0x01 Reported by Kernel Concurrency Sanitizer on: CPU: 1 PID: 27 Comm: kworker/u8:1 Tainted: G W 6.8.0-syzkaller-08073-g480e035fc4c7 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet (string)

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2024-12-19T08:48:55.281Z (string)

}

cveMetadata : { »

cveId : CVE-2024-26862 (string)

state : PUBLISHED (string)

dateUpdated : 2024-12-19T08:48:55.281Z (string)

dateReserved : 2024-02-19T14:20:24.184Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-04-17T10:27:25.634Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npacket: annotate data-races around ignore_outgoing\n\nignore_outgoing is read locklessly from dev_queue_xmit_nit()\nand packet_getsockopt()\n\nAdd appropriate READ_ONCE()/WRITE_ONCE() annotations.\n\nsyzbot reported:\n\nBUG: KCSAN: data-race in dev_queue_xmit_nit / packet_setsockopt\n\nwrite to 0xffff888107804542 of 1 bytes by task 22618 on cpu 0:\n packet_setsockopt+0xd83/0xfd0 net/packet/af_packet.c:4003\n do_sock_setsockopt net/socket.c:2311 [inline]\n __sys_setsockopt+0x1d8/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0x66/0x80 net/socket.c:2340\n do_syscall_64+0xd3/0x1d0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nread to 0xffff888107804542 of 1 bytes by task 27 on cpu 1:\n dev_queue_xmit_nit+0x82/0x620 net/core/dev.c:2248\n xmit_one net/core/dev.c:3527 [inline]\n dev_hard_start_xmit+0xcc/0x3f0 net/core/dev.c:3547\n __dev_queue_xmit+0xf24/0x1dd0 net/core/dev.c:4335\n dev_queue_xmit include/linux/netdevice.h:3091 [inline]\n batadv_send_skb_packet+0x264/0x300 net/batman-adv/send.c:108\n batadv_send_broadcast_skb+0x24/0x30 net/batman-adv/send.c:127\n batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [inline]\n batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline]\n batadv_iv_send_outstanding_bat_ogm_packet+0x3f0/0x4b0 net/batman-adv/bat_iv_ogm.c:1700\n process_one_work kernel/workqueue.c:3254 [inline]\n process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335\n worker_thread+0x526/0x730 kernel/workqueue.c:3416\n kthread+0x1d1/0x210 kernel/kthread.c:388\n ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n\nvalue changed: 0x00 -> 0x01\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 1 PID: 27 Comm: kworker/u8:1 Tainted: G        W          6.8.0-syzkaller-08073-g480e035fc4c7 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024\nWorkqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: paquete: anotar carreras de datos alrededor de ignore_outgoing ignore_outgoing se lee sin bloqueo desde dev_queue_xmit_nit() y paquete_getsockopt() Agregue las anotaciones READ_ONCE()/WRITE_ONCE() apropiadas. syzbot inform\u00f3: ERROR: KCSAN: carrera de datos en dev_queue_xmit_nit/packet_setsockopt escribir en 0xffff888107804542 de 1 bytes por tarea 22618 en la CPU 0: paquete_setsockopt+0xd83/0xfd0 net/packet/af_packet.c:4003 do_sock_setsockopt net/socket.c :2311 [ en l\u00ednea] __sys_setsockopt+0x1d8/0x250 net/socket.c:2334 __do_sys_setsockopt net/socket.c:2343 [en l\u00ednea] __se_sys_setsockopt net/socket.c:2340 [en l\u00ednea] __x64_sys_setsockopt+0x66/0x80 :2340 do_syscall_64+ 0xd3/0x1d0 Entry_SYSCALL_64_after_hwframe+0x6d/0x75 le\u00eddo en 0xffff888107804542 de 1 byte por tarea 27 en la CPU 1: dev_queue_xmit_nit+0x82/0x620 net/core/dev.c:2248 xmit_one net/core/dev.c:3527 l\u00ednea] dev_hard_start_xmit+ 0xcc/0x3f0 net/core/dev.c:3547 __dev_queue_xmit+0xf24/0x1dd0 net/core/dev.c:4335 dev_queue_xmit include/linux/netdevice.h:3091 [en l\u00ednea] batadv_send_skb_packet+0x264/0x300 net/batman-adv/ send.c:108 batadv_send_broadcast_skb+0x24/0x30 net/batman-adv/send.c:127 batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [en l\u00ednea] batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [en l\u00ednea ] batadv_iv_send_outstanding_bat_ogm_packet+0x3f0/0x4b0 net/batman-adv/bat_iv_ogm.c:1700 Process_one_work kernel/workqueue.c:3254 [en l\u00ednea] Process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335 trabajador_thread+0x526/0x730 n\u00facleo/cola de trabajo.c :3416 kthread+0x1d1/0x210 kernel/kthread.c:388 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 valor cambiado: 0x00 -&gt; 0x01 Reportado por Kernel Concurrency Sanitizer en: CPU: 1 PID: 27 Comm: kworker/u8:1 Contaminado: GW 6.8.0-syzkaller-08073-g480e035fc4c7 #0 Nombre de hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 29/02/2024 Cola de trabajo: bat_events batadv_iv_send_outstanding_bat_ogm_packet"}], "id": "CVE-2024-26862", "lastModified": "2024-11-21T09:03:14.403", "metrics": {}, "published": "2024-04-17T11:15:09.050", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2c02c5059c78a52d170bdee4a369b470de6deb37"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/68e84120319d4fc298fcdb14cf0bea6a0f64ffbd"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6ebfad33161afacb3e1e59ed1c2feefef70f9f97"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/84c510411e321caff3c07e6cd0f917f06633cfc0"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8b1e273c6afcf00d3c40a54ada7d6aac1b503b97"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d35b62c224e70797f8a1c37fe9bc4b3e294b7560"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ee413f30ec4fe94a0bdf32c8f042cb06fa913234"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ef7eed7e11d23337310ecc2c014ecaeea52719c5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/2c02c5059c78a52d170bdee4a369b470de6deb37"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/68e84120319d4fc298fcdb14cf0bea6a0f64ffbd"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/6ebfad33161afacb3e1e59ed1c2feefef70f9f97"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/84c510411e321caff3c07e6cd0f917f06633cfc0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/8b1e273c6afcf00d3c40a54ada7d6aac1b503b97"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/d35b62c224e70797f8a1c37fe9bc4b3e294b7560"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/ee413f30ec4fe94a0bdf32c8f042cb06fa913234"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/ef7eed7e11d23337310ecc2c014ecaeea52719c5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignore_outgoing ignore_outgoing is read locklessly from dev_queue_xmit_nit() and packet_getsockopt() Add appropriate READ_ONCE()/WRITE_ONCE() annotations. syzbot reported: BUG: KCSAN: data-race in dev_queue_xmit_nit / packet_setsockopt write to 0xffff888107804542 of 1 bytes by task 22618 on cpu 0: packet_setsockopt+0xd83/0xfd0 net/packet/af_packet.c:4003 do_sock_setsockopt net/socket.c:2311 [inline] __sys_setsockopt+0x1d8/0x250 net/socket.c:2334 __do_sys_setsockopt net/socket.c:2343 [inline] __se_sys_setsockopt net/socket.c:2340 [inline] __x64_sys_setsockopt+0x66/0x80 net/socket.c:2340 do_syscall_64+0xd3/0x1d0 entry_SYSCALL_64_after_hwframe+0x6d/0x75 read to 0xffff888107804542 of 1 bytes by task 27 on cpu 1: dev_queue_xmit_nit+0x82/0x620 net/core/dev.c:2248 xmit_one net/core/dev.c:3527 [inline] dev_hard_start_xmit+0xcc/0x3f0 net/core/dev.c:3547 __dev_queue_xmit+0xf24/0x1dd0 net/core/dev.c:4335 dev_queue_xmit include/linux/netdevice.h:3091 [inline] batadv_send_skb_packet+0x264/0x300 net/batman-adv/send.c:108 batadv_send_broadcast_skb+0x24/0x30 net/batman-adv/send.c:127 batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [inline] batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline] batadv_iv_send_outstanding_bat_ogm_packet+0x3f0/0x4b0 net/batman-adv/bat_iv_ogm.c:1700 process_one_work kernel/workqueue.c:3254 [inline] process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335 worker_thread+0x526/0x730 kernel/workqueue.c:3416 kthread+0x1d1/0x210 kernel/kthread.c:388 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 value changed: 0x00 -> 0x01 Reported by Kernel Concurrency Sanitizer on: CPU: 1 PID: 27 Comm: kworker/u8:1 Tainted: G W 6.8.0-syzkaller-08073-g480e035fc4c7 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: paquete: anotar carreras de datos alrededor de ignore_outgoing ignore_outgoing se lee sin bloqueo desde dev_queue_xmit_nit() y paquete_getsockopt() Agregue las anotaciones READ_ONCE()/WRITE_ONCE() apropiadas. syzbot informó: ERROR: KCSAN: carrera de datos en dev_queue_xmit_nit/packet_setsockopt escribir en 0xffff888107804542 de 1 bytes por tarea 22618 en la CPU 0: paquete_setsockopt+0xd83/0xfd0 net/packet/af_packet.c:4003 do_sock_setsockopt net/socket.c :2311 [ en línea] __sys_setsockopt+0x1d8/0x250 net/socket.c:2334 __do_sys_setsockopt net/socket.c:2343 [en línea] __se_sys_setsockopt net/socket.c:2340 [en línea] __x64_sys_setsockopt+0x66/0x80 :2340 do_syscall_64+ 0xd3/0x1d0 Entry_SYSCALL_64_after_hwframe+0x6d/0x75 leído en 0xffff888107804542 de 1 byte por tarea 27 en la CPU 1: dev_queue_xmit_nit+0x82/0x620 net/core/dev.c:2248 xmit_one net/core/dev.c:3527 línea] dev_hard_start_xmit+ 0xcc/0x3f0 net/core/dev.c:3547 __dev_queue_xmit+0xf24/0x1dd0 net/core/dev.c:4335 dev_queue_xmit include/linux/netdevice.h:3091 [en línea] batadv_send_skb_packet+0x264/0x300 net/batman-adv/ send.c:108 batadv_send_broadcast_skb+0x24/0x30 net/batman-adv/send.c:127 batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [en línea] batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [en línea ] batadv_iv_send_outstanding_bat_ogm_packet+0x3f0/0x4b0 net/batman-adv/bat_iv_ogm.c:1700 Process_one_work kernel/workqueue.c:3254 [en línea] Process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335 trabajador_thread+0x526/0x730 núcleo/cola de trabajo.c :3416 kthread+0x1d1/0x210 kernel/kthread.c:388 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 valor cambiado: 0x00 -> 0x01 Reportado por Kernel Concurrency Sanitizer en: CPU: 1 PID: 27 Comm: kworker/u8:1 Contaminado: GW 6.8.0-syzkaller-08073-g480e035fc4c7 #0 Nombre de hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 29/02/2024 Cola de trabajo: bat_events batadv_iv_send_outstanding_bat_ogm_packet (string)

}

]

id : CVE-2024-26862 (string)

lastModified : 2024-11-21T09:03:14.403 (string)

metrics : { *empty* }

published : 2024-04-17T11:15:09.050 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/2c02c5059c78a52d170bdee4a369b470de6deb37 (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/68e84120319d4fc298fcdb14cf0bea6a0f64ffbd (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/6ebfad33161afacb3e1e59ed1c2feefef70f9f97 (string)

}

3 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/84c510411e321caff3c07e6cd0f917f06633cfc0 (string)

}

4 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/8b1e273c6afcf00d3c40a54ada7d6aac1b503b97 (string)

}

5 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/d35b62c224e70797f8a1c37fe9bc4b3e294b7560 (string)

}

6 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/ee413f30ec4fe94a0bdf32c8f042cb06fa913234 (string)

}

7 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/ef7eed7e11d23337310ecc2c014ecaeea52719c5 (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/2c02c5059c78a52d170bdee4a369b470de6deb37 (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/68e84120319d4fc298fcdb14cf0bea6a0f64ffbd (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/6ebfad33161afacb3e1e59ed1c2feefef70f9f97 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/84c510411e321caff3c07e6cd0f917f06633cfc0 (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/8b1e273c6afcf00d3c40a54ada7d6aac1b503b97 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/d35b62c224e70797f8a1c37fe9bc4b3e294b7560 (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/ee413f30ec4fe94a0bdf32c8f042cb06fa913234 (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/ef7eed7e11d23337310ecc2c014ecaeea52719c5 (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Awaiting Analysis (string)

}

Show plain JSON

{"affected_release": [{"advisory": "RHSA-2024:9315", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}], "bugzilla": {"description": "kernel: packet: annotate data-races around ignore_outgoing", "id": "2275727", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275727"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-362", "details": ["In the Linux kernel, the following vulnerability has been resolved:\npacket: annotate data-races around ignore_outgoing\nignore_outgoing is read locklessly from dev_queue_xmit_nit()\nand packet_getsockopt()\nAdd appropriate READ_ONCE()/WRITE_ONCE() annotations.\nsyzbot reported:\nBUG: KCSAN: data-race in dev_queue_xmit_nit / packet_setsockopt\nwrite to 0xffff888107804542 of 1 bytes by task 22618 on cpu 0:\npacket_setsockopt+0xd83/0xfd0 net/packet/af_packet.c:4003\ndo_sock_setsockopt net/socket.c:2311 [inline]\n__sys_setsockopt+0x1d8/0x250 net/socket.c:2334\n__do_sys_setsockopt net/socket.c:2343 [inline]\n__se_sys_setsockopt net/socket.c:2340 [inline]\n__x64_sys_setsockopt+0x66/0x80 net/socket.c:2340\ndo_syscall_64+0xd3/0x1d0\nentry_SYSCALL_64_after_hwframe+0x6d/0x75\nread to 0xffff888107804542 of 1 bytes by task 27 on cpu 1:\ndev_queue_xmit_nit+0x82/0x620 net/core/dev.c:2248\nxmit_one net/core/dev.c:3527 [inline]\ndev_hard_start_xmit+0xcc/0x3f0 net/core/dev.c:3547\n__dev_queue_xmit+0xf24/0x1dd0 net/core/dev.c:4335\ndev_queue_xmit include/linux/netdevice.h:3091 [inline]\nbatadv_send_skb_packet+0x264/0x300 net/batman-adv/send.c:108\nbatadv_send_broadcast_skb+0x24/0x30 net/batman-adv/send.c:127\nbatadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [inline]\nbatadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline]\nbatadv_iv_send_outstanding_bat_ogm_packet+0x3f0/0x4b0 net/batman-adv/bat_iv_ogm.c:1700\nprocess_one_work kernel/workqueue.c:3254 [inline]\nprocess_scheduled_works+0x465/0x990 kernel/workqueue.c:3335\nworker_thread+0x526/0x730 kernel/workqueue.c:3416\nkthread+0x1d1/0x210 kernel/kthread.c:388\nret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147\nret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\nvalue changed: 0x00 -> 0x01\nReported by Kernel Concurrency Sanitizer on:\nCPU: 1 PID: 27 Comm: kworker/u8:1 Tainted: G        W          6.8.0-syzkaller-08073-g480e035fc4c7 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024\nWorkqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet"], "name": "CVE-2024-26862", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-26862\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-26862\nhttps://lore.kernel.org/linux-cve-announce/2024041736-CVE-2024-26862-2605@gregkh/T"], "threat_severity": "Low"}

{

affected_release : [ »

0 : { »

advisory : RHSA-2024:9315 (string)

cpe : cpe:/a:redhat:enterprise_linux:9 (string)

package : kernel-0:5.14.0-503.11.1.el9_5 (string)

product_name : Red Hat Enterprise Linux 9 (string)

release_date : 2024-11-12T00:00:00Z (string)

}

1 : { »

advisory : RHSA-2024:9315 (string)

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

package : kernel-0:5.14.0-503.11.1.el9_5 (string)

product_name : Red Hat Enterprise Linux 9 (string)

release_date : 2024-11-12T00:00:00Z (string)

}

]

bugzilla : { »

description : kernel: packet: annotate data-races around ignore_outgoing (string)

id : 2275727 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2275727 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 4.7 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

status : verified (string)

}

cwe : CWE-362 (string)

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignore_outgoing ignore_outgoing is read locklessly from dev_queue_xmit_nit() and packet_getsockopt() Add appropriate READ_ONCE()/WRITE_ONCE() annotations. syzbot reported: BUG: KCSAN: data-race in dev_queue_xmit_nit / packet_setsockopt write to 0xffff888107804542 of 1 bytes by task 22618 on cpu 0: packet_setsockopt+0xd83/0xfd0 net/packet/af_packet.c:4003 do_sock_setsockopt net/socket.c:2311 [inline] __sys_setsockopt+0x1d8/0x250 net/socket.c:2334 __do_sys_setsockopt net/socket.c:2343 [inline] __se_sys_setsockopt net/socket.c:2340 [inline] __x64_sys_setsockopt+0x66/0x80 net/socket.c:2340 do_syscall_64+0xd3/0x1d0 entry_SYSCALL_64_after_hwframe+0x6d/0x75 read to 0xffff888107804542 of 1 bytes by task 27 on cpu 1: dev_queue_xmit_nit+0x82/0x620 net/core/dev.c:2248 xmit_one net/core/dev.c:3527 [inline] dev_hard_start_xmit+0xcc/0x3f0 net/core/dev.c:3547 __dev_queue_xmit+0xf24/0x1dd0 net/core/dev.c:4335 dev_queue_xmit include/linux/netdevice.h:3091 [inline] batadv_send_skb_packet+0x264/0x300 net/batman-adv/send.c:108 batadv_send_broadcast_skb+0x24/0x30 net/batman-adv/send.c:127 batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [inline] batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline] batadv_iv_send_outstanding_bat_ogm_packet+0x3f0/0x4b0 net/batman-adv/bat_iv_ogm.c:1700 process_one_work kernel/workqueue.c:3254 [inline] process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335 worker_thread+0x526/0x730 kernel/workqueue.c:3416 kthread+0x1d1/0x210 kernel/kthread.c:388 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 value changed: 0x00 -> 0x01 Reported by Kernel Concurrency Sanitizer on: CPU: 1 PID: 27 Comm: kworker/u8:1 Tainted: G W 6.8.0-syzkaller-08073-g480e035fc4c7 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet (string)

]

name : CVE-2024-26862 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

4 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

5 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-04-17T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2024-26862 https://nvd.nist.gov/vuln/detail/CVE-2024-26862 https://lore.kernel.org/linux-cve-announce/2024041736-CVE-2024-26862-2605@gregkh/T (string)

]

threat_severity : Low (string)

}

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object