CVE-2024-50207

Published Nov 8, 2024

Last updated 3 months ago

CVSS medium 5.5

Overview

Description
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix reader locking when changing the sub buffer order The function ring_buffer_subbuf_order_set() updates each ring_buffer_per_cpu and installs new sub buffers that match the requested page order. This operation may be invoked concurrently with readers that rely on some of the modified data, such as the head bit (RB_PAGE_HEAD), or the ring_buffer_per_cpu.pages and reader_page pointers. However, no exclusive access is acquired by ring_buffer_subbuf_order_set(). Modifying the mentioned data while a reader also operates on them can then result in incorrect memory access and various crashes. Fix the problem by taking the reader_lock when updating a specific ring_buffer_per_cpu in ring_buffer_subbuf_order_set().
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
5.5
Impact score
3.6
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity
MEDIUM

Weaknesses

nvd@nist.gov
CWE-667

Social media

Hype score
Not currently trending

  1. CVE-2024-50207 Critical Fix for Reader Locking Vulnerability in Linux Kernel Ring-Buffer The Linux kernel had a problem that has now been fixed: ring-buffer: Fix reader locking when changing the sub buffer order... https://t.co/YrXSjy6SE8

    @VulmonFeeds

    8 Nov 2024

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2024-50207 In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix reader locking when changing the sub buffer order The function ring_buffer_subb… https://t.co/vplMlWaXv5

    @CVEnew

    8 Nov 2024

    363 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References