Rocky Linux: CVE-2024-41005: kernel (Multiple Advisories)

Rocky Linux: CVE-2024-41005: kernel (Multiple Advisories)

Severity

4

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

07/12/2024

Created

10/03/2024

Added

10/02/2024

Modified

11/19/2024

Description

In the Linux kernel, the following vulnerability has been resolved: netpoll: Fix race condition in netpoll_owner_active KCSAN detected a race condition in netpoll: BUG: KCSAN: data-race in net_rx_action / netpoll_send_skb write (marked) to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10: net_rx_action (./include/linux/netpoll.h:90 net/core/dev.c:6712 net/core/dev.c:6822) <snip> read to 0xffff8881164168b0 of 4 bytes by task 1 on cpu 2: netpoll_send_skb (net/core/netpoll.c:319 net/core/netpoll.c:345 net/core/netpoll.c:393) netpoll_send_udp (net/core/netpoll.c:?) <snip> value changed: 0x0000000a -> 0xffffffff This happens because netpoll_owner_active() needs to check if the current CPU is the owner of the lock, touching napi->poll_owner non atomically. The ->poll_owner field contains the current CPU holding the lock. Use an atomic read to check if the poll owner is the current CPU.

Solution(s)

• rocky-upgrade-bpftool
• rocky-upgrade-bpftool-debuginfo
• rocky-upgrade-kernel
• rocky-upgrade-kernel-core
• rocky-upgrade-kernel-cross-headers
• rocky-upgrade-kernel-debug
• rocky-upgrade-kernel-debug-core
• rocky-upgrade-kernel-debug-debuginfo
• rocky-upgrade-kernel-debug-devel
• rocky-upgrade-kernel-debug-devel-matched
• rocky-upgrade-kernel-debug-modules
• rocky-upgrade-kernel-debug-modules-core
• rocky-upgrade-kernel-debug-modules-extra
• rocky-upgrade-kernel-debug-uki-virt
• rocky-upgrade-kernel-debuginfo
• rocky-upgrade-kernel-devel
• rocky-upgrade-kernel-devel-matched
• rocky-upgrade-kernel-headers
• rocky-upgrade-kernel-modules
• rocky-upgrade-kernel-modules-core
• rocky-upgrade-kernel-modules-extra
• rocky-upgrade-kernel-rt
• rocky-upgrade-kernel-rt-core
• rocky-upgrade-kernel-rt-debug
• rocky-upgrade-kernel-rt-debug-core
• rocky-upgrade-kernel-rt-debug-debuginfo
• rocky-upgrade-kernel-rt-debug-devel
• rocky-upgrade-kernel-rt-debug-kvm
• rocky-upgrade-kernel-rt-debug-modules
• rocky-upgrade-kernel-rt-debug-modules-core
• rocky-upgrade-kernel-rt-debug-modules-extra
• rocky-upgrade-kernel-rt-debuginfo
• rocky-upgrade-kernel-rt-debuginfo-common-x86_64
• rocky-upgrade-kernel-rt-devel
• rocky-upgrade-kernel-rt-kvm
• rocky-upgrade-kernel-rt-modules
• rocky-upgrade-kernel-rt-modules-core
• rocky-upgrade-kernel-rt-modules-extra
• rocky-upgrade-kernel-tools
• rocky-upgrade-kernel-tools-debuginfo
• rocky-upgrade-kernel-tools-libs
• rocky-upgrade-kernel-tools-libs-devel
• rocky-upgrade-kernel-uki-virt
• rocky-upgrade-kernel-zfcpdump
• rocky-upgrade-kernel-zfcpdump-core
• rocky-upgrade-kernel-zfcpdump-debuginfo
• rocky-upgrade-kernel-zfcpdump-devel
• rocky-upgrade-kernel-zfcpdump-devel-matched
• rocky-upgrade-kernel-zfcpdump-modules
• rocky-upgrade-kernel-zfcpdump-modules-core
• rocky-upgrade-kernel-zfcpdump-modules-extra
• rocky-upgrade-libperf
• rocky-upgrade-libperf-debuginfo
• rocky-upgrade-perf
• rocky-upgrade-perf-debuginfo
• rocky-upgrade-python3-perf
• rocky-upgrade-python3-perf-debuginfo
• rocky-upgrade-rtla
• rocky-upgrade-rv

References

• https://attackerkb.com/topics/cve-2024-41005
• CVE - 2024-41005
• https://errata.rockylinux.org/RLSA-2024:7001
• https://errata.rockylinux.org/RLSA-2024:8617