CVE-2024-50294
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-50294
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50294.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-50294
- Downstream
- Related
- Published
- 2024-11-19T01:30:40.699Z
- Modified
- 2025-11-16T07:46:57.256647Z
- Severity
-
- 4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- rxrpc: Fix missing locking causing hanging calls
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Fix missing locking causing hanging calls
If a call gets aborted (e.g. because kafs saw a signal) between it being queued for connection and the I/O thread picking up the call, the abort will be prioritised over the connection and it will be removed from local->newclientcalls by rxrpcdisconnectclient_call() without a lock being held. This may cause other calls on the list to disappear if a race occurs.
Fix this by taking the clientcalllock when removing a call from whatever list its ->wait_link happens to be on.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced9d35d880e0e4a3ab32d8c12f9e4d76198aadd42dFixed996a7208dadbf2cdda8d51444d5ee1fdd1ccbc92
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced9d35d880e0e4a3ab32d8c12f9e4d76198aadd42dFixedb1fdb0bb3b6513f5bd26f92369fd6ac1a2422d8b
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced9d35d880e0e4a3ab32d8c12f9e4d76198aadd42dFixedfc9de52de38f656399d2ce40f7349a6b5f86e787
Affected versions
v6.*
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.11.2
v6.11.3
v6.11.4
v6.11.5
v6.11.6
v6.11.7
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.55
v6.6.56
v6.6.57
v6.6.58
v6.6.59
v6.6.6
v6.6.60
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
Database specific
vanir_signatures
[
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fc9de52de38f656399d2ce40f7349a6b5f86e787",
"signature_version": "v1",
"signature_type": "Line",
"id": "CVE-2024-50294-087d7a25",
"target": {
"file": "include/trace/events/rxrpc.h"
},
"digest": {
"line_hashes": [
"266483397727910131389332442769335967817",
"246010498742252334274659096533677039470",
"34272311781822402004308550940306154600",
"258083598368826894779190378317410802501"
],
"threshold": 0.9
},
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fc9de52de38f656399d2ce40f7349a6b5f86e787",
"signature_version": "v1",
"signature_type": "Line",
"id": "CVE-2024-50294-1f3a55ab",
"target": {
"file": "net/rxrpc/conn_client.c"
},
"digest": {
"line_hashes": [
"254003071091280843672162811172582524154",
"25607347164162820156171436585301391770",
"156489522026831078881117892868458472851",
"96258700242911688281212037901361562381",
"213082621949454870515034874757623536527",
"298273750861385866141863562607955887950",
"144184818799881375989368466037961357583",
"336745029086272626664251518318238009906",
"92697801437526173929677342315241311065"
],
"threshold": 0.9
},
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fc9de52de38f656399d2ce40f7349a6b5f86e787",
"signature_version": "v1",
"signature_type": "Function",
"id": "CVE-2024-50294-53749150",
"target": {
"function": "rxrpc_disconnect_client_call",
"file": "net/rxrpc/conn_client.c"
},
"digest": {
"length": 1768.0,
"function_hash": "25008193566655544043628410523975362924"
},
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b1fdb0bb3b6513f5bd26f92369fd6ac1a2422d8b",
"signature_version": "v1",
"signature_type": "Function",
"id": "CVE-2024-50294-5819176c",
"target": {
"function": "rxrpc_connect_client_calls",
"file": "net/rxrpc/conn_client.c"
},
"digest": {
"length": 366.0,
"function_hash": "220029003020114178335040212981520933894"
},
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b1fdb0bb3b6513f5bd26f92369fd6ac1a2422d8b",
"signature_version": "v1",
"signature_type": "Line",
"id": "CVE-2024-50294-5e39742e",
"target": {
"file": "include/trace/events/rxrpc.h"
},
"digest": {
"line_hashes": [
"266483397727910131389332442769335967817",
"246010498742252334274659096533677039470",
"34272311781822402004308550940306154600",
"258083598368826894779190378317410802501"
],
"threshold": 0.9
},
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@996a7208dadbf2cdda8d51444d5ee1fdd1ccbc92",
"signature_version": "v1",
"signature_type": "Function",
"id": "CVE-2024-50294-754b69c4",
"target": {
"function": "rxrpc_connect_client_calls",
"file": "net/rxrpc/conn_client.c"
},
"digest": {
"length": 366.0,
"function_hash": "220029003020114178335040212981520933894"
},
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@996a7208dadbf2cdda8d51444d5ee1fdd1ccbc92",
"signature_version": "v1",
"signature_type": "Line",
"id": "CVE-2024-50294-7a49a2c4",
"target": {
"file": "net/rxrpc/conn_client.c"
},
"digest": {
"line_hashes": [
"254003071091280843672162811172582524154",
"25607347164162820156171436585301391770",
"156489522026831078881117892868458472851",
"96258700242911688281212037901361562381",
"213082621949454870515034874757623536527",
"298273750861385866141863562607955887950",
"144184818799881375989368466037961357583",
"336745029086272626664251518318238009906",
"92697801437526173929677342315241311065"
],
"threshold": 0.9
},
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fc9de52de38f656399d2ce40f7349a6b5f86e787",
"signature_version": "v1",
"signature_type": "Function",
"id": "CVE-2024-50294-7fb3bdc9",
"target": {
"function": "rxrpc_connect_client_calls",
"file": "net/rxrpc/conn_client.c"
},
"digest": {
"length": 366.0,
"function_hash": "220029003020114178335040212981520933894"
},
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@996a7208dadbf2cdda8d51444d5ee1fdd1ccbc92",
"signature_version": "v1",
"signature_type": "Function",
"id": "CVE-2024-50294-a2bd0b62",
"target": {
"function": "rxrpc_disconnect_client_call",
"file": "net/rxrpc/conn_client.c"
},
"digest": {
"length": 1781.0,
"function_hash": "138337714504589572126329050901397780667"
},
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b1fdb0bb3b6513f5bd26f92369fd6ac1a2422d8b",
"signature_version": "v1",
"signature_type": "Line",
"id": "CVE-2024-50294-a9eeb649",
"target": {
"file": "net/rxrpc/conn_client.c"
},
"digest": {
"line_hashes": [
"254003071091280843672162811172582524154",
"25607347164162820156171436585301391770",
"156489522026831078881117892868458472851",
"96258700242911688281212037901361562381",
"213082621949454870515034874757623536527",
"298273750861385866141863562607955887950",
"144184818799881375989368466037961357583",
"336745029086272626664251518318238009906",
"92697801437526173929677342315241311065"
],
"threshold": 0.9
},
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b1fdb0bb3b6513f5bd26f92369fd6ac1a2422d8b",
"signature_version": "v1",
"signature_type": "Function",
"id": "CVE-2024-50294-b68dd70c",
"target": {
"function": "rxrpc_disconnect_client_call",
"file": "net/rxrpc/conn_client.c"
},
"digest": {
"length": 1768.0,
"function_hash": "25008193566655544043628410523975362924"
},
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@996a7208dadbf2cdda8d51444d5ee1fdd1ccbc92",
"signature_version": "v1",
"signature_type": "Line",
"id": "CVE-2024-50294-ff3f56af",
"target": {
"file": "include/trace/events/rxrpc.h"
},
"digest": {
"line_hashes": [
"266483397727910131389332442769335967817",
"246010498742252334274659096533677039470",
"34272311781822402004308550940306154600",
"258083598368826894779190378317410802501"
],
"threshold": 0.9
},
"deprecated": false
}
]