In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()
nft_unregister_obj() can concurrent with __nft_obj_type_get(),
and there is not any protection when iterate over nf_tables_objects
list in __nft_obj_type_get(). Therefore, there is potential data-race
of nf_tables_objects list entry.
Use list_for_each_entry_rcu() to iterate over nf_tables_objects
list in __nft_obj_type_get(), and use rcu_read_lock() in the caller
nft_obj_type_get() to protect the entire type query process.
Metrics
Affected Vendors & Products
References
History
Thu, 19 Dec 2024 09:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 24 Sep 2024 11:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/o:redhat:rhel_eus:8.8 |
Wed, 18 Sep 2024 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Tus |
|
CPEs | cpe:/o:redhat:rhel_aus:8.6 cpe:/o:redhat:rhel_e4s:8.6 cpe:/o:redhat:rhel_tus:8.6 |
|
Vendors & Products |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Tus |
Wed, 28 Aug 2024 23:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9 |
Thu, 08 Aug 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat enterprise Linux
|
|
CPEs | cpe:/a:redhat:enterprise_linux:8::nfv cpe:/o:redhat:enterprise_linux:8 |
|
Vendors & Products |
Redhat enterprise Linux
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-05-01T05:30:11.319Z
Updated: 2024-12-19T08:52:37.722Z
Reserved: 2024-02-19T14:20:24.209Z
Link: CVE-2024-27019
Vulnrichment
Updated: 2024-08-02T00:21:05.919Z
NVD
Status : Modified
Published: 2024-05-01T06:15:20.743
Modified: 2024-11-21T09:03:40.513
Link: CVE-2024-27019
Redhat