CVE-2024-53140

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Dec 4, 2024
Updated: Dec 14, 2024

Summary

CVE-2024-53140: A vulnerability in the Linux kernel's handling of netlink socket termination has been identified and resolved. Netlink supports iterative dumping of data through optional start, dump, and done operations; these are asynchronous and triggered in response to recvmsg(). If the user closes the socket before the dump completes, the ongoing dump might not be cleaned up properly. The existing code uses a workqueue to defer the call to the done operation, but this does not work correctly: someone else may release the socket in BH (bottom-half) context, so the problem persists. The fix is to delete the workqueue and flush the dump state directly from the release handler. The workqueue deferral is unnecessary because only the user can interact with dumps and closes always occur in process context. Further cleanup may be implemented in the next release.
