fkie_cve-2024-56637
Vulnerability from fkie_nvd
Published
2024-12-27 15:15
Modified
2024-12-27 15:15
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Hold module reference while requesting a module User space may unload ip_set.ko while it is itself requesting a set type backend module, leading to a kernel crash. The race condition may be provoked by inserting an mdelay() right after the nfnl_unlock() call.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/0e67805e805c1f3edd6f43adbe08ea14b552694b
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/456f010bfaefde84d3390c755eedb1b0a5857c3c
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/5bae60a933ba5d16eed55c6b279be51bcbbc79b0
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/6099b5d3e37145484fac4b8b4070c3f1abfb3519
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/90bf312a6b6b3d6012137f6776a4052ee85e0340
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/ba5e070f36682d07ca7ad2a953e6c9d96be19dca
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/e5e2d3024753fdaca818b822e3827614bacbdccf
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: Hold module reference while requesting a module\n\nUser space may unload ip_set.ko while it is itself requesting a set type\nbackend module, leading to a kernel crash. The race condition may be\nprovoked by inserting an mdelay() right after the nfnl_unlock() call."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: ipset: Mantener la referencia del m\u00f3dulo mientras se solicita un m\u00f3dulo El espacio de usuario puede descargar ip_set.ko mientras solicita un m\u00f3dulo de backend de tipo set, lo que provoca un bloqueo del kernel. La condici\u00f3n de ejecuci\u00f3n puede provocarse insertando un mdelay() justo despu\u00e9s de la llamada nfnl_unlock()."
    }
  ],
  "id": "CVE-2024-56637",
  "lastModified": "2024-12-27T15:15:23.430",
  "metrics": {},
  "published": "2024-12-27T15:15:23.430",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/0e67805e805c1f3edd6f43adbe08ea14b552694b"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/456f010bfaefde84d3390c755eedb1b0a5857c3c"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/5bae60a933ba5d16eed55c6b279be51bcbbc79b0"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/6099b5d3e37145484fac4b8b4070c3f1abfb3519"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/90bf312a6b6b3d6012137f6776a4052ee85e0340"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/ba5e070f36682d07ca7ad2a953e6c9d96be19dca"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/e5e2d3024753fdaca818b822e3827614bacbdccf"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.