CVE-2024-53047

EPSS 0.01%
Veröffentlicht 19.11.2024 18:15:25
Zuletzt bearbeitet 01.10.2025 21:16:21
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

mptcp: init: protect sched with rcu_read_lock

In the Linux kernel, the following vulnerability has been resolved:

mptcp: init: protect sched with rcu_read_lock

Enabling CONFIG_PROVE_RCU_LIST with its dependence CONFIG_RCU_EXPERT
creates this splat when an MPTCP socket is created:

  =============================
  WARNING: suspicious RCU usage
  6.12.0-rc2+ #11 Not tainted
  -----------------------------
  net/mptcp/sched.c:44 RCU-list traversed in non-reader section!!

  other info that might help us debug this:

  rcu_scheduler_active = 2, debug_locks = 1
  no locks held by mptcp_connect/176.

  stack backtrace:
  CPU: 0 UID: 0 PID: 176 Comm: mptcp_connect Not tainted 6.12.0-rc2+ #11
  Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
  Call Trace:
   <TASK>
   dump_stack_lvl (lib/dump_stack.c:123)
   lockdep_rcu_suspicious (kernel/locking/lockdep.c:6822)
   mptcp_sched_find (net/mptcp/sched.c:44 (discriminator 7))
   mptcp_init_sock (net/mptcp/protocol.c:2867 (discriminator 1))
   ? sock_init_data_uid (arch/x86/include/asm/atomic.h:28)
   inet_create.part.0.constprop.0 (net/ipv4/af_inet.c:386)
   ? __sock_create (include/linux/rcupdate.h:347 (discriminator 1))
   __sock_create (net/socket.c:1576)
   __sys_socket (net/socket.c:1671)
   ? __pfx___sys_socket (net/socket.c:1712)
   ? do_user_addr_fault (arch/x86/mm/fault.c:1419 (discriminator 1))
   __x64_sys_socket (net/socket.c:1728)
   do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1))
   entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)

That's because when the socket is initialised, rcu_read_lock() is not
used despite the explicit comment written above the declaration of
mptcp_sched_find() in sched.c. Adding the missing lock/unlock avoids the
warning.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

NVD 7 VulnDex Vulnerability Enrichment 3

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.6 < 6.6.60

Linux ≫ Linux Kernel Version >= 6.7 < 6.11.7

Linux ≫ Linux Kernel Version6.12 Updaterc1

Linux ≫ Linux Kernel Version6.12 Updaterc2

Linux ≫ Linux Kernel Version6.12 Updaterc3

Linux ≫ Linux Kernel Version6.12 Updaterc4

Linux ≫ Linux Kernel Version6.12 Updaterc5

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.006

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-667 Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

https://git.kernel.org/stable/c/3deb12c788c385e17142ce6ec50f769852fcec65

Patch

https://git.kernel.org/stable/c/494eb22f9a7bd03783e60595a57611c209175f1a

Patch

https://git.kernel.org/stable/c/cb8b81ad3e893a6d18dcdd3754cc2ea2a42c0136

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-53047

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-53047

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-53047

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-53047