CVE-2024-50294
MEDIUM EPSS 5.7%
Published Nov 19, 2024 (1y ago) · Modified Jun 17, 2026 (1w ago)
4.7 CVSS 3.1
Description
In the Linux kernel, the following vulnerability has been resolved:

rxrpc: Fix missing locking causing hanging calls

If a call gets aborted (e.g. because kafs saw a signal) between it being queued for connection and the I/O thread picking up the call, the abort will be prioritised over the connection and it will be removed from local->new_client_calls by rxrpc_disconnect_client_call() without a lock being held. This may cause other calls on the list to disappear if a race occurs.

Fix this by taking the client_call_lock when removing a call from whatever list its ->wait_link happens to be on.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity High
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
5.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-667
Affected Products 14
| Vendor | Product | Version | Range |
|---|---|---|---|
| linux | linux_kernel | * | ≥6.2.1 – <6.6.61 |
| linux | linux_kernel | * | ≥6.7 – <6.11.8 |
| linux | linux_kernel | 6.2 | any |
| linux | linux_kernel | 6.2 | any |
| linux | linux_kernel | 6.2 | any |
| linux | linux_kernel | 6.2 | any |
| linux | linux_kernel | 6.2 | any |
| linux | linux_kernel | 6.2 | any |
| linux | linux_kernel | 6.12 | any |
| linux | linux_kernel | 6.12 | any |
| linux | linux_kernel | 6.12 | any |
| linux | linux_kernel | 6.12 | any |
| linux | linux_kernel | 6.12 | any |
| linux | linux_kernel | 6.12 | any |
References 3
- git.kernel.org https://git.kernel.org/stable/c/996a7208dadbf2cdda8d51444d5ee1fdd1ccbc92
- git.kernel.org https://git.kernel.org/stable/c/b1fdb0bb3b6513f5bd26f92369fd6ac1a2422d8b
- git.kernel.org https://git.kernel.org/stable/c/fc9de52de38f656399d2ce40f7349a6b5f86e787
Remediation
- git.kernel.org https://git.kernel.org/stable/c/996a7208dadbf2cdda8d51444d5ee1fdd1ccbc92
- git.kernel.org https://git.kernel.org/stable/c/b1fdb0bb3b6513f5bd26f92369fd6ac1a2422d8b
- git.kernel.org https://git.kernel.org/stable/c/fc9de52de38f656399d2ce40f7349a6b5f86e787