CVE-2024-42250

Summary

In the Linux kernel, the following vulnerability has been resolved:

cachefiles: add missing lock protection when polling

Add missing lock protection in poll routine when iterating xarray, otherwise:

Even with RCU read lock held, only the slot of the radix tree is ensured to be pinned there, while the data structure (e.g. struct cachefiles_req) stored in the slot has no such guarantee. The poll routine will iterate the radix tree and dereference cachefiles_req accordingly. Thus RCU read lock is not adequate in this case and spinlock is needed here.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0e19a18f998dcabe8be590e0b39660a1f230209b < 97cfd5e20ddc2e33e16ce369626ce76c9a475fd7affected
LinuxLinux18943864342705fa18dd4e6b8d608491fec81f6e < 6bb6bd3dd6f382dfd36220d4b210a0c77c066651affected
LinuxLinuxb817e22b2e91257ace32a6768c3c003faeaa1c5c < 8eadcab7f3dd809edbe5ae20533ff843dfea3a07affected
LinuxLinuxb817e22b2e91257ace32a6768c3c003faeaa1c5c < cf5bb09e742a9cf6349127e868329a8f69b7a014affected
LinuxLinux6.8affected
LinuxLinux0 < 6.8unaffected
LinuxLinux6.9.10 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References