CVE-2024-27019
- Source
- https://cve.org/CVERecord?id=CVE-2024-27019
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-27019.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-27019
- Downstream
- Related
- Published
- 2024-05-01T05:30:11.319Z
- Modified
- 2026-05-28T03:53:34.842349837Z
- Summary
- netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: Fix potential data-race in _nftobjtypeget()
nftunregisterobj() can concurrent with __nftobjtype_get(), and there is not any protection when iterate over nftablesobjects list in _nftobjtypeget(). Therefore, there is potential data-race of nftablesobjects list entry.
Use listforeachentryrcu() to iterate over nftablesobjects list in __nftobjtypeget(), and use rcureadlock() in the caller nftobjtypeget() to protect the entire type query process.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/27xxx/CVE-2024-27019.json" }- References
-
- https://git.kernel.org/stable/c/379bf7257bc5f2a1b1ca8514e08a871b7bf6d920
- https://git.kernel.org/stable/c/4ca946b19caf655a08d5e2266d4d5526025ebb73
- https://git.kernel.org/stable/c/ad333578f736d56920e090d7db1f8dec891d815e
- https://git.kernel.org/stable/c/cade34279c2249eafe528564bd2e203e4ff15f88
- https://git.kernel.org/stable/c/d78d867dcea69c328db30df665be5be7d0148484
- https://git.kernel.org/stable/c/df7c0fb8c2b9f9cac65659332581b19682a71349
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EZ6PJW7VOZ224TD7N4JZNU6KV32ZJ53/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAMSOZXJEPUOXW33WZYWCVAY7Z5S7OOY/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCBZZEC7L7KTWWAS2NLJK6SO3IZIL4WW/
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/27xxx/CVE-2024-27019.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-27019
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede50092404c1bc7aaeb0a0f4077fa6f07b073a20fFixedcade34279c2249eafe528564bd2e203e4ff15f88Fixed379bf7257bc5f2a1b1ca8514e08a871b7bf6d920Fixeddf7c0fb8c2b9f9cac65659332581b19682a71349Fixedad333578f736d56920e090d7db1f8dec891d815eFixed4ca946b19caf655a08d5e2266d4d5526025ebb73Fixedd78d867dcea69c328db30df665be5be7d0148484