CVE-2024-26862

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-26862
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26862.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-26862
Downstream
Related
Published
2024-04-17T10:27:25.634Z
Modified
2025-11-28T02:35:08.488759Z
Summary
packet: annotate data-races around ignore_outgoing
Details

In the Linux kernel, the following vulnerability has been resolved:

packet: annotate data-races around ignore_outgoing

ignoreoutgoing is read locklessly from devqueuexmitnit() and packet_getsockopt()

Add appropriate READONCE()/WRITEONCE() annotations.

syzbot reported:

BUG: KCSAN: data-race in devqueuexmitnit / packetsetsockopt

write to 0xffff888107804542 of 1 bytes by task 22618 on cpu 0: packetsetsockopt+0xd83/0xfd0 net/packet/afpacket.c:4003 dosocksetsockopt net/socket.c:2311 [inline] _syssetsockopt+0x1d8/0x250 net/socket.c:2334 _dosyssetsockopt net/socket.c:2343 [inline] _sesyssetsockopt net/socket.c:2340 [inline] _x64syssetsockopt+0x66/0x80 net/socket.c:2340 dosyscall64+0xd3/0x1d0 entrySYSCALL64after_hwframe+0x6d/0x75

read to 0xffff888107804542 of 1 bytes by task 27 on cpu 1: devqueuexmitnit+0x82/0x620 net/core/dev.c:2248 xmitone net/core/dev.c:3527 [inline] devhardstartxmit+0xcc/0x3f0 net/core/dev.c:3547 _devqueuexmit+0xf24/0x1dd0 net/core/dev.c:4335 devqueuexmit include/linux/netdevice.h:3091 [inline] batadvsendskbpacket+0x264/0x300 net/batman-adv/send.c:108 batadvsendbroadcastskb+0x24/0x30 net/batman-adv/send.c:127 batadvivogmsendtoif net/batman-adv/bativogm.c:392 [inline] batadvivogmemit net/batman-adv/bativogm.c:420 [inline] batadvivsendoutstandingbatogmpacket+0x3f0/0x4b0 net/batman-adv/bativogm.c:1700 processonework kernel/workqueue.c:3254 [inline] processscheduledworks+0x465/0x990 kernel/workqueue.c:3335 workerthread+0x526/0x730 kernel/workqueue.c:3416 kthread+0x1d1/0x210 kernel/kthread.c:388 retfromfork+0x4b/0x60 arch/x86/kernel/process.c:147 retfromforkasm+0x1a/0x30 arch/x86/entry/entry_64.S:243

value changed: 0x00 -> 0x01

Reported by Kernel Concurrency Sanitizer on: CPU: 1 PID: 27 Comm: kworker/u8:1 Tainted: G W 6.8.0-syzkaller-08073-g480e035fc4c7 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 Workqueue: batevents batadvivsendoutstandingbatogm_packet

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26862.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
fa788d986a3aac5069378ed04697bd06f83d3488
Fixed
84c510411e321caff3c07e6cd0f917f06633cfc0
Fixed
68e84120319d4fc298fcdb14cf0bea6a0f64ffbd
Fixed
d35b62c224e70797f8a1c37fe9bc4b3e294b7560
Fixed
ef7eed7e11d23337310ecc2c014ecaeea52719c5
Fixed
2c02c5059c78a52d170bdee4a369b470de6deb37
Fixed
ee413f30ec4fe94a0bdf32c8f042cb06fa913234
Fixed
8b1e273c6afcf00d3c40a54ada7d6aac1b503b97
Fixed
6ebfad33161afacb3e1e59ed1c2feefef70f9f97

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.20.0
Fixed
5.4.273
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.214
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.153
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.83
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.23
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.7.11
Type
ECOSYSTEM
Events
Introduced
6.8.0
Fixed
6.8.2