CVE-2024-42245
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2024-42245 is a vulnerability affecting the Linux kernel. A previous commit, b0defa7ae03ecf91b8bfd10ede430cff12fcbd06, aimed to make it easier to detach tasks that were pinned and buried in long lists. However, this change introduced an O(n) iteration in detach_tasks(), making it easier to trigger hard lockups, particularly when rq lock was held in softirq context. After discussion on the mailing list, it was determined that reverting the original patch was the best course of action, as the number of affected users seemed low and the potential for hard lockups was significant.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Linux Kernel
Affected Vendors
- LINUX