Ubuntu.comUB:CVE-2024-26583CVE-2024-26583
4.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
5.6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
In the Linux kernel, the following vulnerability has been resolved: tls:
fix race between async notify and socket close The submitting thread (one
which called recvmsg/sendmsg) may exit as soon as the async crypto handler
calls complete() so any code past that point risks touching already freed
data. Try to avoid the locking and extra flags altogether. Have the main
thread hold an extra reference, this way we can depend solely on the atomic
ref counter for synchronization. Don’t futz with reiniting the completion,
either, we are now tightly controlling when completion fires.
Notes
| Author | Note |
|---|---|
| Priority reason: An attacker might elevate privileges by winning the race condition. | |
| rodrigo-zaiden | USN-6765-1 for linux-oem-6.5 wrongly stated that this CVE was fixed in version 6.5.0-1022.23. The mentioned notice was revoked and the state of the fix for linux-oem-6.5 was recovered to the previous state. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | linux | < 5.15.0-112.122 | UNKNOWN |
| ubuntu | 23.10 | noarch | linux | < 6.5.0-41.41 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-aws | < 5.15.0-1063.69 | UNKNOWN |
| ubuntu | 23.10 | noarch | linux-aws | < 6.5.0-1021.21 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-aws-5.15 | < 5.15.0-1063.69~20.04.1 | UNKNOWN |
| ubuntu | 18.04 | noarch | linux-aws-5.4 | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-aws-6.5 | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-azure | < any | UNKNOWN |
References
git.kernel.org/linus/aec7961916f3f9e88766e2688992da6980f11b8d (6.8-rc5)
git.kernel.org/stable/c/aec7961916f3f9e88766e2688992da6980f11b8d
launchpad.net/bugs/cve/CVE-2024-26583
nvd.nist.gov/vuln/detail/CVE-2024-26583
security-tracker.debian.org/tracker/CVE-2024-26583
ubuntu.com/security/notices/USN-6818-1
ubuntu.com/security/notices/USN-6818-2
ubuntu.com/security/notices/USN-6818-3
ubuntu.com/security/notices/USN-6818-4
ubuntu.com/security/notices/USN-6819-1
ubuntu.com/security/notices/USN-6819-2
ubuntu.com/security/notices/USN-6819-3
ubuntu.com/security/notices/USN-6819-4
ubuntu.com/security/notices/USN-6820-1
ubuntu.com/security/notices/USN-6820-2
ubuntu.com/security/notices/USN-6821-1
ubuntu.com/security/notices/USN-6821-2
ubuntu.com/security/notices/USN-6821-3
ubuntu.com/security/notices/USN-6821-4
ubuntu.com/security/notices/USN-6828-1
ubuntu.com/security/notices/USN-6871-1
www.cve.org/CVERecord?id=CVE-2024-26583
Related
4.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
5.6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%