CVE-2024-27020

May 1, 2024, 1:01 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() nft_unregister_expr() can concurrent with __nft_expr_type_get(), and there is not any protection when iterate over nf_tables_expressions list in __nft_expr_type_get(). Therefore, there is potential data-race of nf_tables_expressions list entry. Use list_for_each_entry_rcu() to iterate over nf_tables_expressions list in __nft_expr_type_get(), and use rcu_read_lock() in the caller nft_expr_type_get() to protect the entire type query process.

Product(s) Impacted

Product Versions
Linux kernel
Linux Kernel

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/01f1a678b05ade4b1248019c2dcca773aebbeb7f
https://git.kernel.org/stable/c/0b6de00206adbbfc6373b3ae38d2a6f197987907
https://git.kernel.org/stable/c/8d56bad42ac4c43c6c72ddd6a654a2628bf839c5
https://git.kernel.org/stable/c/a9ebf340d123ae12582210407f879d6a5a1bc25b
https://git.kernel.org/stable/c/f969eb84ce482331a991079ab7a5c4dc3b7f89bf

Tags

2024-05-01
416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVE-2024-27020

Date

  • Published: May 1, 2024, 6:15 a.m.
  • Last Modified: May 1, 2024, 1:01 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.