4.7

CVE-2024-41005

netpoll: Fix race condition in netpoll_owner_active

In the Linux kernel, the following vulnerability has been resolved:

netpoll: Fix race condition in netpoll_owner_active

KCSAN detected a race condition in netpoll:

	BUG: KCSAN: data-race in net_rx_action / netpoll_send_skb
	write (marked) to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10:
	net_rx_action (./include/linux/netpoll.h:90 net/core/dev.c:6712 net/core/dev.c:6822)
<snip>
	read to 0xffff8881164168b0 of 4 bytes by task 1 on cpu 2:
	netpoll_send_skb (net/core/netpoll.c:319 net/core/netpoll.c:345 net/core/netpoll.c:393)
	netpoll_send_udp (net/core/netpoll.c:?)
<snip>
	value changed: 0x0000000a -> 0xffffffff

This happens because netpoll_owner_active() needs to check if the
current CPU is the owner of the lock, touching napi->poll_owner
non atomically. The ->poll_owner field contains the current CPU holding
the lock.

Use an atomic read to check if the poll owner is the current CPU.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 5.10.221
LinuxLinux Kernel Version >= 5.11 < 5.15.162
LinuxLinux Kernel Version >= 5.16 < 6.1.96
LinuxLinux Kernel Version >= 6.2 < 6.6.36
LinuxLinux Kernel Version >= 6.7 < 6.9.7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.19% 0.088
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

https://git.kernel.org/stable/c/3f1a155950a1685ffd0fd7175b3f671da8771f3d
Patch
https://git.kernel.org/stable/c/43c0ca793a18578a0f5b305dd77fcf7ed99f1265
Patch
https://git.kernel.org/stable/c/96826b16ef9c6568d31a1f6ceaa266411a46e46c
Patch
https://git.kernel.org/stable/c/a130e7da73ae93afdb4659842267eec734ffbd57
Patch
https://git.kernel.org/stable/c/c2e6a872bde9912f1a7579639c5ca3adf1003916
Patch
https://git.kernel.org/stable/c/efd29cd9c7b8369dfc7bcb34637e6bf1a188aa8e
Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
https://cert-portal.siemens.com/productcert/html/ssa-265688.html
https://cert-portal.siemens.com/productcert/html/ssa-355557.html
https://cert-portal.siemens.com/productcert/html/ssa-613116.html