We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-56637

netfilter: ipset: Hold module reference while requesting a module



Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Hold module reference while requesting a module User space may unload ip_set.ko while it is itself requesting a set type backend module, leading to a kernel crash. The race condition may be provoked by inserting an mdelay() right after the nfnl_unlock() call.

Reserved 2024-12-27 | Published 2024-12-27 | Updated 2025-01-20 | Assigner Linux

Product status

Default status
unaffected

a7b4f989a629493bb4ec4a354def784d440b32c4 before e5e2d3024753fdaca818b822e3827614bacbdccf
affected

a7b4f989a629493bb4ec4a354def784d440b32c4 before 6099b5d3e37145484fac4b8b4070c3f1abfb3519
affected

a7b4f989a629493bb4ec4a354def784d440b32c4 before 0e67805e805c1f3edd6f43adbe08ea14b552694b
affected

a7b4f989a629493bb4ec4a354def784d440b32c4 before 5bae60a933ba5d16eed55c6b279be51bcbbc79b0
affected

a7b4f989a629493bb4ec4a354def784d440b32c4 before 90bf312a6b6b3d6012137f6776a4052ee85e0340
affected

a7b4f989a629493bb4ec4a354def784d440b32c4 before ba5e070f36682d07ca7ad2a953e6c9d96be19dca
affected

a7b4f989a629493bb4ec4a354def784d440b32c4 before 456f010bfaefde84d3390c755eedb1b0a5857c3c
affected

Default status
affected

2.6.39
affected

Any version before 2.6.39
unaffected

5.4.287
unaffected

5.10.231
unaffected

5.15.174
unaffected

6.1.120
unaffected

6.6.66
unaffected

6.12.5
unaffected

6.13
unaffected

References

git.kernel.org/...c/e5e2d3024753fdaca818b822e3827614bacbdccf

git.kernel.org/...c/6099b5d3e37145484fac4b8b4070c3f1abfb3519

git.kernel.org/...c/0e67805e805c1f3edd6f43adbe08ea14b552694b

git.kernel.org/...c/5bae60a933ba5d16eed55c6b279be51bcbbc79b0

git.kernel.org/...c/90bf312a6b6b3d6012137f6776a4052ee85e0340

git.kernel.org/...c/ba5e070f36682d07ca7ad2a953e6c9d96be19dca

git.kernel.org/...c/456f010bfaefde84d3390c755eedb1b0a5857c3c

cve.org (CVE-2024-56637)

nvd.nist.gov (CVE-2024-56637)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-56637

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.