In the Linux kernel, the following vulnerability has been resolved:
ila: block BH in ila_output()
As explained in commit 1378817486d6 ("tipc: block BH
before using dst_cache"), net/core/dst_cache.c
helpers need to be called with BH disabled.
ila_output() is called from lwtunnel_output()
possibly from process context, and under rcu_read_lock().
We might be interrupted by a softirq, re-enter ila_output()
and corrupt dst_cache data structures.
Fix the race by using local_bh_disable().
Metrics
Affected Vendors & Products
References
History
Wed, 11 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 11 Sep 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 19 Aug 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-667 | |
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-07-29T15:04:18.459Z
Updated: 2024-12-19T09:11:33.050Z
Reserved: 2024-07-12T12:17:45.633Z
Link: CVE-2024-41081
Vulnrichment
Updated: 2024-08-02T04:46:51.185Z
NVD
Status : Awaiting Analysis
Published: 2024-07-29T15:15:15.593
Modified: 2024-11-21T09:32:12.353
Link: CVE-2024-41081
Redhat