CVE-2024-27395
Description
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovs_ct_exit Since kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal of ovs_ct_limit_exit, is not part of the RCU read critical section, it is possible that the RCU grace period will pass during the traversal and the key will be free. To prevent this, it should be changed to hlist_for_each_entry_safe.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-5102.html
Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:5102
Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-5101.html
Vendor advisory: alma — https://bugzilla.redhat.com/2298108
Vendor advisory: alma — https://bugzilla.redhat.com/2297558
Vendor advisory: alma — https://bugzilla.redhat.com/2297511
Vendor advisory: alma — https://bugzilla.redhat.com/2297474
Vendor advisory: alma — https://bugzilla.redhat.com/2297056
Vendor advisory: alma — https://bugzilla.redhat.com/2296067
Vendor advisory: alma — https://bugzilla.redhat.com/2295914
Vendor advisory: alma — https://bugzilla.redhat.com/2294274
Vendor advisory: alma — https://bugzilla.redhat.com/2293711
Vendor advisory: alma — https://bugzilla.redhat.com/2293700
Vendor advisory: alma — https://bugzilla.redhat.com/2293687
Vendor advisory: alma — https://bugzilla.redhat.com/2293684
Vendor advisory: alma — https://bugzilla.redhat.com/2293657
Vendor advisory: alma — https://bugzilla.redhat.com/2293653
Vendor advisory: alma — https://bugzilla.redhat.com/2293461
Vendor advisory: alma — https://bugzilla.redhat.com/2293444
Vendor advisory: alma — https://bugzilla.redhat.com/2293420
Vendor advisory: alma — https://bugzilla.redhat.com/2293418
Vendor advisory: alma — https://bugzilla.redhat.com/2293383
Vendor advisory: alma — https://bugzilla.redhat.com/2293371
Vendor advisory: alma — https://bugzilla.redhat.com/2293367
Vendor advisory: alma — https://bugzilla.redhat.com/2293348
Vendor advisory: alma — https://bugzilla.redhat.com/2293316
Vendor advisory: alma — https://bugzilla.redhat.com/2293312
Vendor advisory: alma — https://bugzilla.redhat.com/2293276
Vendor advisory: alma — https://bugzilla.redhat.com/2293250
Vendor advisory: alma — https://bugzilla.redhat.com/2293078
Vendor advisory: alma — https://bugzilla.redhat.com/2292331
Vendor advisory: alma — https://bugzilla.redhat.com/2290408
Vendor advisory: alma — https://bugzilla.redhat.com/2284625
Vendor advisory: alma — https://bugzilla.redhat.com/2284590
Vendor advisory: alma — https://bugzilla.redhat.com/2284571
Vendor advisory: alma — https://bugzilla.redhat.com/2284556
Vendor advisory: alma — https://bugzilla.redhat.com/2284541
Vendor advisory: alma — https://bugzilla.redhat.com/2284539
Vendor advisory: alma — https://bugzilla.redhat.com/2284519
Vendor advisory: alma — https://bugzilla.redhat.com/2284513
Vendor advisory: alma — https://bugzilla.redhat.com/2284500
Vendor advisory: alma — https://bugzilla.redhat.com/2284496
Vendor advisory: alma — https://bugzilla.redhat.com/2284488
Vendor advisory: alma — https://bugzilla.redhat.com/2284477
Vendor advisory: alma — https://bugzilla.redhat.com/2284474
Vendor advisory: alma — https://bugzilla.redhat.com/2284465
Vendor advisory: alma — https://bugzilla.redhat.com/2284421
Vendor advisory: alma — https://bugzilla.redhat.com/2284417
Vendor advisory: alma — https://bugzilla.redhat.com/2284400
Vendor advisory: alma — https://bugzilla.redhat.com/2283894
Vendor advisory: alma — https://bugzilla.redhat.com/2283401
Vendor advisory: alma — https://bugzilla.redhat.com/2282950
Vendor advisory: alma — https://bugzilla.redhat.com/2282925
Vendor advisory: alma — https://bugzilla.redhat.com/2282923
Vendor advisory: alma — https://bugzilla.redhat.com/2282896
Vendor advisory: alma — https://bugzilla.redhat.com/2282887
Vendor advisory: alma — https://bugzilla.redhat.com/2282780
Vendor advisory: alma — https://bugzilla.redhat.com/2282772
Vendor advisory: alma — https://bugzilla.redhat.com/2282766
Vendor advisory: alma — https://bugzilla.redhat.com/2282763
Vendor advisory: alma — https://bugzilla.redhat.com/2282759
Vendor advisory: alma — https://bugzilla.redhat.com/2282744
Vendor advisory: alma — https://bugzilla.redhat.com/2282743
Vendor advisory: alma — https://bugzilla.redhat.com/2282742
Vendor advisory: alma — https://bugzilla.redhat.com/2282727
Vendor advisory: alma — https://bugzilla.redhat.com/2282719
Vendor advisory: alma — https://bugzilla.redhat.com/2282717
Vendor advisory: alma — https://bugzilla.redhat.com/2282690
Vendor advisory: alma — https://bugzilla.redhat.com/2282645
Vendor advisory: alma — https://bugzilla.redhat.com/2282642
Vendor advisory: alma — https://bugzilla.redhat.com/2282640
Vendor advisory: alma — https://bugzilla.redhat.com/2282623
Vendor advisory: alma — https://bugzilla.redhat.com/2282615
Vendor advisory: alma — https://bugzilla.redhat.com/2282553
Vendor advisory: alma — https://bugzilla.redhat.com/2282479
Vendor advisory: alma — https://bugzilla.redhat.com/2282373
Vendor advisory: alma — https://bugzilla.redhat.com/2282328
Vendor advisory: alma — https://bugzilla.redhat.com/2281989
Vendor advisory: alma — https://bugzilla.redhat.com/2281968
Vendor advisory: alma — https://bugzilla.redhat.com/2281949
Vendor advisory: alma — https://bugzilla.redhat.com/2281938
Vendor advisory: alma — https://bugzilla.redhat.com/2281833
Vendor advisory: alma — https://bugzilla.redhat.com/2281821
Vendor advisory: alma — https://bugzilla.redhat.com/2281819
Vendor advisory: alma — https://bugzilla.redhat.com/2281758
Vendor advisory: alma — https://bugzilla.redhat.com/2281752
Vendor advisory: alma — https://bugzilla.redhat.com/2281725
Vendor advisory: alma — https://bugzilla.redhat.com/2281682
Vendor advisory: alma — https://bugzilla.redhat.com/2281675
Vendor advisory: alma — https://bugzilla.redhat.com/2281672
Vendor advisory: alma — https://bugzilla.redhat.com/2281667
Vendor advisory: alma — https://bugzilla.redhat.com/2281664
Vendor advisory: alma — https://bugzilla.redhat.com/2281641
Vendor advisory: alma — https://bugzilla.redhat.com/2281636
Vendor advisory: alma — https://bugzilla.redhat.com/2281519
Vendor advisory: alma — https://bugzilla.redhat.com/2281510
Vendor advisory: alma — https://bugzilla.redhat.com/2281360
Vendor advisory: alma — https://bugzilla.redhat.com/2281326
Vendor advisory: alma — https://bugzilla.redhat.com/2281268
Vendor advisory: alma — https://bugzilla.redhat.com/2281235
Vendor advisory: alma — https://bugzilla.redhat.com/2281221
Vendor advisory: alma — https://bugzilla.redhat.com/2281215
Vendor advisory: alma — https://bugzilla.redhat.com/2281207
Vendor advisory: alma — https://bugzilla.redhat.com/2281190
Vendor advisory: alma — https://bugzilla.redhat.com/2281189
Vendor advisory: alma — https://bugzilla.redhat.com/2281149
Vendor advisory: alma — https://bugzilla.redhat.com/2281133
Vendor advisory: alma — https://bugzilla.redhat.com/2281054
Vendor advisory: alma — https://bugzilla.redhat.com/2280440
Vendor advisory: alma — https://bugzilla.redhat.com/2278989
Vendor advisory: alma — https://bugzilla.redhat.com/2278539
Vendor advisory: alma — https://bugzilla.redhat.com/2278535
Vendor advisory: alma — https://bugzilla.redhat.com/2278515
Vendor advisory: alma — https://bugzilla.redhat.com/2278484
Vendor advisory: alma — https://bugzilla.redhat.com/2278380
Vendor advisory: alma — https://bugzilla.redhat.com/2278279
Vendor advisory: alma — https://bugzilla.redhat.com/2278277
Vendor advisory: alma — https://bugzilla.redhat.com/2278258
Vendor advisory: alma — https://bugzilla.redhat.com/2278256
Vendor advisory: alma — https://bugzilla.redhat.com/2278218
Vendor advisory: alma — https://bugzilla.redhat.com/2278182
Vendor advisory: alma — https://bugzilla.redhat.com/2278178
Vendor advisory: alma — https://bugzilla.redhat.com/2278176
Vendor advisory: alma — https://bugzilla.redhat.com/2277840
Vendor advisory: alma — https://bugzilla.redhat.com/2277238
Vendor advisory: alma — https://bugzilla.redhat.com/2277166
Vendor advisory: alma — https://bugzilla.redhat.com/2275928
Vendor advisory: alma — https://bugzilla.redhat.com/2275761
Vendor advisory: alma — https://bugzilla.redhat.com/2275748
Vendor advisory: alma — https://bugzilla.redhat.com/2275744
Vendor advisory: alma — https://bugzilla.redhat.com/2275711
Vendor advisory: alma — https://bugzilla.redhat.com/2275694
Vendor advisory: alma — https://bugzilla.redhat.com/2275580
Vendor advisory: alma — https://bugzilla.redhat.com/2275573
Vendor advisory: alma — https://bugzilla.redhat.com/2275565
Vendor advisory: alma — https://bugzilla.redhat.com/2273654
Vendor advisory: alma — https://bugzilla.redhat.com/2273427
Vendor advisory: alma — https://bugzilla.redhat.com/2273268
Vendor advisory: alma — https://bugzilla.redhat.com/2273247
Vendor advisory: alma — https://bugzilla.redhat.com/2273242
Vendor advisory: alma — https://bugzilla.redhat.com/2273236
Vendor advisory: alma — https://bugzilla.redhat.com/2273174
Vendor advisory: alma — https://bugzilla.redhat.com/2273117
Vendor advisory: alma — https://bugzilla.redhat.com/2273109
Vendor advisory: alma — https://bugzilla.redhat.com/2272795
Vendor advisory: alma — https://bugzilla.redhat.com/2272782
Vendor advisory: alma — https://bugzilla.redhat.com/2271688
Vendor advisory: alma — https://bugzilla.redhat.com/2271686
Vendor advisory: alma — https://bugzilla.redhat.com/2270700
Vendor advisory: alma — https://bugzilla.redhat.com/2270100
Vendor advisory: alma — https://bugzilla.redhat.com/2270084
Vendor advisory: alma — https://bugzilla.redhat.com/2269211
Vendor advisory: alma — https://bugzilla.redhat.com/2269070
Vendor advisory: alma — https://bugzilla.redhat.com/2268118
Vendor advisory: alma — https://bugzilla.redhat.com/2267787
Vendor advisory: alma — https://bugzilla.redhat.com/2266594
Vendor advisory: alma — https://bugzilla.redhat.com/2266497
Vendor advisory: alma — https://bugzilla.redhat.com/2266347
Vendor advisory: alma — https://bugzilla.redhat.com/2266341
Vendor advisory: alma — https://bugzilla.redhat.com/2265797
Vendor advisory: alma — https://bugzilla.redhat.com/2265650
Vendor advisory: alma — https://bugzilla.redhat.com/2265645
Vendor advisory: alma — https://bugzilla.redhat.com/2263879
Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:5101
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2024-27395
Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2024-27395.html
Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:5101
Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:5102
Vendor advisory: rocky — https://errata.rockylinux.org/RXSA-2024:5101
Vendor advisory: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 — https://git.kernel.org/stable/c/edee0758747d7c219e29db9ed1d4eb33e8d32865
Vendor advisory: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 — https://git.kernel.org/stable/c/eaa5e164a2110d2fb9e16c8a29e4501882235137
Vendor advisory: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 — https://git.kernel.org/stable/c/bca6fa2d9a9f560e6b89fd5190b05cc2f5d422c1
Vendor advisory: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 — https://git.kernel.org/stable/c/9048616553c65e750d43846f225843ed745ec0d4
Vendor advisory: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 — https://git.kernel.org/stable/c/5ea7b72d4fac2fdbc0425cd8f2ea33abe95235b2
Vendor advisory: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 — https://git.kernel.org/stable/c/589523cf0b384164e445dd5db8d5b1bf97982424
Vendor advisory: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 — https://git.kernel.org/stable/c/35880c3fa6f8fe281a19975d2992644588ca33d3
Vendor advisory: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 — https://git.kernel.org/stable/c/2db9a8c0a01fa1c762c1e61a13c212c492752994
Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:9315
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| rhel | 9 | fixed | |
| rocky | 8 | fixed | |
| sles | affected | | |
| debian | bookworm | fixed | 6.1.90-1 |
| debian | bullseye | fixed | 5.10.216-1 |
| debian | forky | fixed | 6.8.9-1 |
| debian | sid | fixed | 6.8.9-1 |
| debian | trixie | fixed | 6.8.9-1 |
| debian | 10.0 | affected | |
| linux-kernel | affected | 4.19.313 | |
| linux-kernel | 6.9 | affected | |
| almalinux | 8 | fixed | kernel-doc-4.18.0-553.16.1.el8_10.noarch.rpm |
References
- https://access.redhat.com/errata/RHSA-2024:9315
- https://git.kernel.org/stable/c/2db9a8c0a01fa1c762c1e61a13c212c492752994
- https://git.kernel.org/stable/c/35880c3fa6f8fe281a19975d2992644588ca33d3
- https://git.kernel.org/stable/c/589523cf0b384164e445dd5db8d5b1bf97982424
- https://git.kernel.org/stable/c/5ea7b72d4fac2fdbc0425cd8f2ea33abe95235b2
- https://git.kernel.org/stable/c/9048616553c65e750d43846f225843ed745ec0d4
- https://git.kernel.org/stable/c/bca6fa2d9a9f560e6b89fd5190b05cc2f5d422c1
- https://git.kernel.org/stable/c/eaa5e164a2110d2fb9e16c8a29e4501882235137
- https://git.kernel.org/stable/c/edee0758747d7c219e29db9ed1d4eb33e8d32865
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
- https://cert-portal.siemens.com/productcert/html/ssa-265688.html
- https://cert-portal.siemens.com/productcert/html/ssa-613116.html
- https://errata.rockylinux.org/RXSA-2024:5101
- https://errata.rockylinux.org/RLSA-2024:5102
- https://errata.rockylinux.org/RLSA-2024:5101
- https://www.suse.com/security/cve/CVE-2024-27395.html
- https://security-tracker.debian.org/tracker/CVE-2024-27395
- https://access.redhat.com/errata/RHSA-2024:5101
- https://bugzilla.redhat.com/2263879
- https://bugzilla.redhat.com/2265645
- https://bugzilla.redhat.com/2265650
- https://bugzilla.redhat.com/2265797
- https://bugzilla.redhat.com/2266341
- https://bugzilla.redhat.com/2266347
CWEs
CWE-416
Verify integrity in audit chain (admin only). AS-IS.