NVD Vulnerability Detail
Search Exploit, PoC
CVE-2024-26862
Summary

In the Linux kernel, the following vulnerability has been resolved:

packet: annotate data-races around ignore_outgoing

ignore_outgoing is read locklessly from dev_queue_xmit_nit()
and packet_getsockopt()

Add appropriate READ_ONCE()/WRITE_ONCE() annotations.

syzbot reported:

BUG: KCSAN: data-race in dev_queue_xmit_nit / packet_setsockopt

write to 0xffff888107804542 of 1 bytes by task 22618 on cpu 0:
packet_setsockopt+0xd83/0xfd0 net/packet/af_packet.c:4003
do_sock_setsockopt net/socket.c:2311 [inline]
__sys_setsockopt+0x1d8/0x250 net/socket.c:2334
__do_sys_setsockopt net/socket.c:2343 [inline]
__se_sys_setsockopt net/socket.c:2340 [inline]
__x64_sys_setsockopt+0x66/0x80 net/socket.c:2340
do_syscall_64+0xd3/0x1d0
entry_SYSCALL_64_after_hwframe+0x6d/0x75

read to 0xffff888107804542 of 1 bytes by task 27 on cpu 1:
dev_queue_xmit_nit+0x82/0x620 net/core/dev.c:2248
xmit_one net/core/dev.c:3527 [inline]
dev_hard_start_xmit+0xcc/0x3f0 net/core/dev.c:3547
__dev_queue_xmit+0xf24/0x1dd0 net/core/dev.c:4335
dev_queue_xmit include/linux/netdevice.h:3091 [inline]
batadv_send_skb_packet+0x264/0x300 net/batman-adv/send.c:108
batadv_send_broadcast_skb+0x24/0x30 net/batman-adv/send.c:127
batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [inline]
batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline]
batadv_iv_send_outstanding_bat_ogm_packet+0x3f0/0x4b0 net/batman-adv/bat_iv_ogm.c:1700
process_one_work kernel/workqueue.c:3254 [inline]
process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335
worker_thread+0x526/0x730 kernel/workqueue.c:3416
kthread+0x1d1/0x210 kernel/kthread.c:388
ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243

value changed: 0x00 -> 0x01

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 27 Comm: kworker/u8:1 Tainted: G W 6.8.0-syzkaller-08073-g480e035fc4c7 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet

Publication Date April 17, 2024, 8:15 p.m.
Registration Date April 18, 2024, 10:01 a.m.
Last Update March 4, 2025, 2:47 a.m.
CVSS3.1 : MEDIUM
スコア 4.7
Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
攻撃元区分(AV) ローカル
攻撃条件の複雑さ(AC)
攻撃に必要な特権レベル(PR)
利用者の関与(UI) 不要
影響の想定範囲(S) 変更なし
機密性への影響(C) なし
完全性への影響(I) なし
可用性への影響(A)
Affected software configurations
Configuration1 or higher or less more than less than
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.7 6.7.11
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.2 6.6.23
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.16 6.1.83
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.11 5.15.153
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.5 5.10.214
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 4.20 5.4.273
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.8 6.8.2
Configuration2 or higher or less more than less than
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Related information, measures and tools
Common Vulnerabilities List
JVN Vulnerability Information
Linux の Linux Kernel 等複数ベンダの製品における競合状態に関する脆弱性
Title Linux の Linux Kernel 等複数ベンダの製品における競合状態に関する脆弱性
Summary

Linux の Linux Kernel 等複数ベンダの製品には、競合状態に関する脆弱性が存在します。

Possible impacts サービス運用妨害 (DoS) 状態にされる可能性があります。 
Solution

ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date March 18, 2024, midnight
Registration Date March 5, 2025, 4:35 p.m.
Last Update March 5, 2025, 4:35 p.m.
Affected System
Debian
Debian GNU/Linux 10.0
Linux
Linux Kernel 4.20 以上 5.4.273 未満
Linux Kernel 5.11 以上 5.15.153 未満
Linux Kernel 5.16 以上 6.1.83 未満
Linux Kernel 5.5 以上 5.10.214 未満
Linux Kernel 6.2 以上 6.6.23 未満
Linux Kernel 6.7 以上 6.7.11 未満
Linux Kernel 6.8 以上 6.8.2 未満
CVE (情報セキュリティ 共通脆弱性識別子)
CWE (共通脆弱性タイプ一覧)
ベンダー情報
Change Log
No Changed Details Date of change
1 [2025年03月05日]   掲載 March 5, 2025, 12:21 p.m.