CVE-2024-58053

Summary

In the Linux kernel, the following vulnerability has been resolved:

rxrpc: Fix handling of received connection abort

Fix the handling of a connection abort that we've received. Though the abort is at the connection level, it needs propagating to the calls on that connection. Whilst the propagation bit is performed, the calls aren't then woken up to go and process their termination, and as no further input is forthcoming, they just hang.

Also add some tracing for the logging of connection aborts.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux248f219cb8bcbfbd7f132752d44afa2df7c241d1 < 9c6702260557c0183d8417c79a37777a3d3e58e8affected
LinuxLinux248f219cb8bcbfbd7f132752d44afa2df7c241d1 < 5842ce7b120c65624052a8da04460d35b26caac0affected
LinuxLinux248f219cb8bcbfbd7f132752d44afa2df7c241d1 < 96d1d927c4d03ee9dcee7640bca70b74e63504fcaffected
LinuxLinux248f219cb8bcbfbd7f132752d44afa2df7c241d1 < 0e56ebde245e4799ce74d38419426f2a80d39950affected
LinuxLinux4.9affected
LinuxLinux0 < 4.9unaffected
LinuxLinux6.6.76 <= 6.6.*unaffected
LinuxLinux6.12.13 <= 6.12.*unaffected
LinuxLinux6.13.2 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

References