CVE-2024-49864
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-49864
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-49864.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-49864
- Downstream
- Related
- Published
- 2024-10-21T18:01:07Z
- Modified
- 2025-10-17T14:02:53.753956Z
- Summary
- rxrpc: Fix a race between socket set up and I/O thread creation
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Fix a race between socket set up and I/O thread creation
In rxrpcopensocket(), it sets up the socket and then sets up the I/O thread that will handle it. This is a problem, however, as there's a gap between the two phases in which a packet may come into rxrpcencaprcv() from the UDP packet but we oops when trying to wake the not-yet created I/O thread.
As a quick fix, just make rxrpcencaprcv() discard the packet if there's no I/O thread yet.
A better, but more intrusive fix would perhaps be to rearrange things such that the socket creation is done by the I/O thread.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/56e415202b8a17de6496f4023e545fcb66f118ec
- https://git.kernel.org/stable/c/bc212465326e8587325f520a052346f0b57360e6
- https://git.kernel.org/stable/c/c64f5fc95e9612fdf75587c8e21e494e614c18e2
- https://git.kernel.org/stable/c/cdf4bbbdb956d7426f687f38757ebca2a2759a0f
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda275da62e8c111b897b9cb73eb91df2f4e475ca5Fixedcdf4bbbdb956d7426f687f38757ebca2a2759a0f
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda275da62e8c111b897b9cb73eb91df2f4e475ca5Fixed56e415202b8a17de6496f4023e545fcb66f118ec
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda275da62e8c111b897b9cb73eb91df2f4e475ca5Fixedc64f5fc95e9612fdf75587c8e21e494e614c18e2
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda275da62e8c111b897b9cb73eb91df2f4e475ca5Fixedbc212465326e8587325f520a052346f0b57360e6
Affected versions
v6.*
v6.1
v6.1-rc8
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.10.1
v6.10.10
v6.10.11
v6.10.12
v6.10.13
v6.10.2
v6.10.3
v6.10.4
v6.10.5
v6.10.6
v6.10.7
v6.10.8
v6.10.9
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.11.2
v6.12-rc1
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
Database specific
vanir_signatures
[
{
"digest": {
"function_hash": "238941814683315622187625124040083578056",
"length": 1763.0
},
"id": "CVE-2024-49864-1f7193f3",
"signature_type": "Function",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cdf4bbbdb956d7426f687f38757ebca2a2759a0f",
"target": {
"file": "net/rxrpc/local_object.c",
"function": "rxrpc_open_socket"
},
"deprecated": false
},
{
"digest": {
"function_hash": "55524693150517781643568921591383039588",
"length": 3082.0
},
"id": "CVE-2024-49864-2312b183",
"signature_type": "Function",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c64f5fc95e9612fdf75587c8e21e494e614c18e2",
"target": {
"file": "net/rxrpc/io_thread.c",
"function": "rxrpc_io_thread"
},
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"92933471831978604491441695165263505939",
"221083588120328718923257643055921699668",
"117477027999428642447994343537715376774",
"224155422685902178654253144046882530797"
]
},
"id": "CVE-2024-49864-298ff762",
"signature_type": "Line",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bc212465326e8587325f520a052346f0b57360e6",
"target": {
"file": "net/rxrpc/local_object.c"
},
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"94049312076168140811884864914227606231",
"212759154148549394299256810365745942014",
"298377332749766946378009728161600254230",
"236744855535719246950392700826099640787"
]
},
"id": "CVE-2024-49864-2b2eda10",
"signature_type": "Line",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cdf4bbbdb956d7426f687f38757ebca2a2759a0f",
"target": {
"file": "net/rxrpc/ar-internal.h"
},
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"273632794884361595907209315988972173668",
"126393904170366514878603186748074905737",
"163947714252545031734081769605403994807",
"237264287419586128858410913711802635570",
"282510475811605798155312474438121161398",
"252917460528012831597651176257967545640",
"278530934677564530428329050900226958019",
"297774334615226478797830260324498573314",
"185623594831850606164359407973394561273",
"29539908882427475711113962844753824646",
"17921275402698958736924162668238200125",
"262829575436118643151239702333758142558",
"280425693233268321017207995659296172066",
"191302230134158883844723015390056279691",
"201433486363397867805665834648413050481",
"4263351866382859883085138540062881810"
]
},
"id": "CVE-2024-49864-31bc0a99",
"signature_type": "Line",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@56e415202b8a17de6496f4023e545fcb66f118ec",
"target": {
"file": "net/rxrpc/io_thread.c"
},
"deprecated": false
},
{
"digest": {
"function_hash": "55524693150517781643568921591383039588",
"length": 3082.0
},
"id": "CVE-2024-49864-3bba2c6c",
"signature_type": "Function",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cdf4bbbdb956d7426f687f38757ebca2a2759a0f",
"target": {
"file": "net/rxrpc/io_thread.c",
"function": "rxrpc_io_thread"
},
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"92933471831978604491441695165263505939",
"221083588120328718923257643055921699668",
"117477027999428642447994343537715376774",
"224155422685902178654253144046882530797"
]
},
"id": "CVE-2024-49864-476c8eda",
"signature_type": "Line",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@56e415202b8a17de6496f4023e545fcb66f118ec",
"target": {
"file": "net/rxrpc/local_object.c"
},
"deprecated": false
},
{
"digest": {
"function_hash": "55524693150517781643568921591383039588",
"length": 3082.0
},
"id": "CVE-2024-49864-498221bf",
"signature_type": "Function",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bc212465326e8587325f520a052346f0b57360e6",
"target": {
"file": "net/rxrpc/io_thread.c",
"function": "rxrpc_io_thread"
},
"deprecated": false
},
{
"digest": {
"function_hash": "238941814683315622187625124040083578056",
"length": 1763.0
},
"id": "CVE-2024-49864-5ed0394f",
"signature_type": "Function",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c64f5fc95e9612fdf75587c8e21e494e614c18e2",
"target": {
"file": "net/rxrpc/local_object.c",
"function": "rxrpc_open_socket"
},
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"92933471831978604491441695165263505939",
"221083588120328718923257643055921699668",
"117477027999428642447994343537715376774",
"224155422685902178654253144046882530797"
]
},
"id": "CVE-2024-49864-72f85809",
"signature_type": "Line",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cdf4bbbdb956d7426f687f38757ebca2a2759a0f",
"target": {
"file": "net/rxrpc/local_object.c"
},
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"94049312076168140811884864914227606231",
"212759154148549394299256810365745942014",
"298377332749766946378009728161600254230",
"236744855535719246950392700826099640787"
]
},
"id": "CVE-2024-49864-7517eab9",
"signature_type": "Line",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bc212465326e8587325f520a052346f0b57360e6",
"target": {
"file": "net/rxrpc/ar-internal.h"
},
"deprecated": false
},
{
"digest": {
"function_hash": "119272095209910970482571792453388122205",
"length": 84.0
},
"id": "CVE-2024-49864-8237e707",
"signature_type": "Function",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cdf4bbbdb956d7426f687f38757ebca2a2759a0f",
"target": {
"file": "net/rxrpc/ar-internal.h",
"function": "rxrpc_wake_up_io_thread"
},
"deprecated": false
},
{
"digest": {
"function_hash": "205447857913871303688616397831929621551",
"length": 617.0
},
"id": "CVE-2024-49864-8746a648",
"signature_type": "Function",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@56e415202b8a17de6496f4023e545fcb66f118ec",
"target": {
"file": "net/rxrpc/io_thread.c",
"function": "rxrpc_encap_rcv"
},
"deprecated": false
},
{
"digest": {
"function_hash": "55524693150517781643568921591383039588",
"length": 3082.0
},
"id": "CVE-2024-49864-8bf44579",
"signature_type": "Function",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@56e415202b8a17de6496f4023e545fcb66f118ec",
"target": {
"file": "net/rxrpc/io_thread.c",
"function": "rxrpc_io_thread"
},
"deprecated": false
},
{
"digest": {
"function_hash": "205447857913871303688616397831929621551",
"length": 617.0
},
"id": "CVE-2024-49864-943baaa8",
"signature_type": "Function",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cdf4bbbdb956d7426f687f38757ebca2a2759a0f",
"target": {
"file": "net/rxrpc/io_thread.c",
"function": "rxrpc_encap_rcv"
},
"deprecated": false
},
{
"digest": {
"function_hash": "238941814683315622187625124040083578056",
"length": 1763.0
},
"id": "CVE-2024-49864-a06414d5",
"signature_type": "Function",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bc212465326e8587325f520a052346f0b57360e6",
"target": {
"file": "net/rxrpc/local_object.c",
"function": "rxrpc_open_socket"
},
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"94049312076168140811884864914227606231",
"212759154148549394299256810365745942014",
"298377332749766946378009728161600254230",
"236744855535719246950392700826099640787"
]
},
"id": "CVE-2024-49864-a86b63b9",
"signature_type": "Line",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c64f5fc95e9612fdf75587c8e21e494e614c18e2",
"target": {
"file": "net/rxrpc/ar-internal.h"
},
"deprecated": false
},
{
"digest": {
"function_hash": "119272095209910970482571792453388122205",
"length": 84.0
},
"id": "CVE-2024-49864-adfaed14",
"signature_type": "Function",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bc212465326e8587325f520a052346f0b57360e6",
"target": {
"file": "net/rxrpc/ar-internal.h",
"function": "rxrpc_wake_up_io_thread"
},
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"94049312076168140811884864914227606231",
"212759154148549394299256810365745942014",
"298377332749766946378009728161600254230",
"236744855535719246950392700826099640787"
]
},
"id": "CVE-2024-49864-b595a4fa",
"signature_type": "Line",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@56e415202b8a17de6496f4023e545fcb66f118ec",
"target": {
"file": "net/rxrpc/ar-internal.h"
},
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"273632794884361595907209315988972173668",
"126393904170366514878603186748074905737",
"163947714252545031734081769605403994807",
"237264287419586128858410913711802635570",
"282510475811605798155312474438121161398",
"252917460528012831597651176257967545640",
"278530934677564530428329050900226958019",
"297774334615226478797830260324498573314",
"185623594831850606164359407973394561273",
"29539908882427475711113962844753824646",
"17921275402698958736924162668238200125",
"262829575436118643151239702333758142558",
"280425693233268321017207995659296172066",
"191302230134158883844723015390056279691",
"201433486363397867805665834648413050481",
"4263351866382859883085138540062881810"
]
},
"id": "CVE-2024-49864-bad2e554",
"signature_type": "Line",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cdf4bbbdb956d7426f687f38757ebca2a2759a0f",
"target": {
"file": "net/rxrpc/io_thread.c"
},
"deprecated": false
},
{
"digest": {
"function_hash": "119272095209910970482571792453388122205",
"length": 84.0
},
"id": "CVE-2024-49864-c0da0b89",
"signature_type": "Function",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c64f5fc95e9612fdf75587c8e21e494e614c18e2",
"target": {
"file": "net/rxrpc/ar-internal.h",
"function": "rxrpc_wake_up_io_thread"
},
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"273632794884361595907209315988972173668",
"126393904170366514878603186748074905737",
"163947714252545031734081769605403994807",
"237264287419586128858410913711802635570",
"282510475811605798155312474438121161398",
"252917460528012831597651176257967545640",
"278530934677564530428329050900226958019",
"297774334615226478797830260324498573314",
"185623594831850606164359407973394561273",
"29539908882427475711113962844753824646",
"17921275402698958736924162668238200125",
"262829575436118643151239702333758142558",
"280425693233268321017207995659296172066",
"191302230134158883844723015390056279691",
"201433486363397867805665834648413050481",
"4263351866382859883085138540062881810"
]
},
"id": "CVE-2024-49864-c93f5d71",
"signature_type": "Line",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bc212465326e8587325f520a052346f0b57360e6",
"target": {
"file": "net/rxrpc/io_thread.c"
},
"deprecated": false
},
{
"digest": {
"function_hash": "205447857913871303688616397831929621551",
"length": 617.0
},
"id": "CVE-2024-49864-ccfb529e",
"signature_type": "Function",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c64f5fc95e9612fdf75587c8e21e494e614c18e2",
"target": {
"file": "net/rxrpc/io_thread.c",
"function": "rxrpc_encap_rcv"
},
"deprecated": false
},
{
"digest": {
"function_hash": "238941814683315622187625124040083578056",
"length": 1763.0
},
"id": "CVE-2024-49864-d2142b56",
"signature_type": "Function",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@56e415202b8a17de6496f4023e545fcb66f118ec",
"target": {
"file": "net/rxrpc/local_object.c",
"function": "rxrpc_open_socket"
},
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"92933471831978604491441695165263505939",
"221083588120328718923257643055921699668",
"117477027999428642447994343537715376774",
"224155422685902178654253144046882530797"
]
},
"id": "CVE-2024-49864-db32a74f",
"signature_type": "Line",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c64f5fc95e9612fdf75587c8e21e494e614c18e2",
"target": {
"file": "net/rxrpc/local_object.c"
},
"deprecated": false
},
{
"digest": {
"function_hash": "205447857913871303688616397831929621551",
"length": 617.0
},
"id": "CVE-2024-49864-df38ac9a",
"signature_type": "Function",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bc212465326e8587325f520a052346f0b57360e6",
"target": {
"file": "net/rxrpc/io_thread.c",
"function": "rxrpc_encap_rcv"
},
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"273632794884361595907209315988972173668",
"126393904170366514878603186748074905737",
"163947714252545031734081769605403994807",
"237264287419586128858410913711802635570",
"282510475811605798155312474438121161398",
"252917460528012831597651176257967545640",
"278530934677564530428329050900226958019",
"297774334615226478797830260324498573314",
"185623594831850606164359407973394561273",
"29539908882427475711113962844753824646",
"17921275402698958736924162668238200125",
"262829575436118643151239702333758142558",
"280425693233268321017207995659296172066",
"191302230134158883844723015390056279691",
"201433486363397867805665834648413050481",
"4263351866382859883085138540062881810"
]
},
"id": "CVE-2024-49864-e1426474",
"signature_type": "Line",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c64f5fc95e9612fdf75587c8e21e494e614c18e2",
"target": {
"file": "net/rxrpc/io_thread.c"
},
"deprecated": false
},
{
"digest": {
"function_hash": "119272095209910970482571792453388122205",
"length": 84.0
},
"id": "CVE-2024-49864-fda9048d",
"signature_type": "Function",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@56e415202b8a17de6496f4023e545fcb66f118ec",
"target": {
"file": "net/rxrpc/ar-internal.h",
"function": "rxrpc_wake_up_io_thread"
},
"deprecated": false
}
]