5.8

CVE-2024-27402

phonet/pep: fix racy skb_queue_empty() use

In the Linux kernel, the following vulnerability has been resolved:

phonet/pep: fix racy skb_queue_empty() use

The receive queues are protected by their respective spin-lock, not
the socket lock. This could lead to skb_peek() unexpectedly
returning NULL or a pointer to an already dequeued socket buffer.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.28 < 5.15.181
LinuxLinux Kernel Version >= 5.16 < 6.1.80
LinuxLinux Kernel Version >= 6.2 < 6.6.19
LinuxLinux Kernel Version >= 6.7 < 6.7.7
LinuxLinux Kernel Version6.8 Updaterc1
LinuxLinux Kernel Version6.8 Updaterc2
LinuxLinux Kernel Version6.8 Updaterc3
LinuxLinux Kernel Version6.8 Updaterc4
LinuxLinux Kernel Version6.8 Updaterc5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.22% 0.127
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.8 1 4.7
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/0a9f558c72c47472c38c05fcb72c70abb9104277
Patch
https://git.kernel.org/stable/c/7d2a894d7f487dcb894df023e9d3014cf5b93fe5
Patch
https://git.kernel.org/stable/c/8ef4fcc7014b9f93619851d6b78d6cc2789a4c88
Patch
https://git.kernel.org/stable/c/9d5523e065b568e79dfaa2ea1085a5bcf74baf78
Patch
https://git.kernel.org/stable/c/7d3914a477eed92b48c493a8631cc4554ab4fd4f
Patch