We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-50294

rxrpc: Fix missing locking causing hanging calls



Description

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing locking causing hanging calls If a call gets aborted (e.g. because kafs saw a signal) between it being queued for connection and the I/O thread picking up the call, the abort will be prioritised over the connection and it will be removed from local->new_client_calls by rxrpc_disconnect_client_call() without a lock being held. This may cause other calls on the list to disappear if a race occurs. Fix this by taking the client_call_lock when removing a call from whatever list its ->wait_link happens to be on.

Reserved 2024-10-21 | Published 2024-11-19 | Updated 2024-11-19 | Assigner Linux

Product status

Default status
unaffected

9d35d880e0e4 before 996a7208dadb
affected

9d35d880e0e4 before b1fdb0bb3b65
affected

9d35d880e0e4 before fc9de52de38f
affected

Default status
affected

6.2
affected

Any version before 6.2
unaffected

6.6.61
unaffected

6.11.8
unaffected

6.12
unaffected

References

git.kernel.org/...c/996a7208dadbf2cdda8d51444d5ee1fdd1ccbc92

git.kernel.org/...c/b1fdb0bb3b6513f5bd26f92369fd6ac1a2422d8b

git.kernel.org/...c/fc9de52de38f656399d2ce40f7349a6b5f86e787

cve.org (CVE-2024-50294)

nvd.nist.gov (CVE-2024-50294)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-50294

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.