vulnerability
Ubuntu: (Multiple Advisories) (CVE-2024-44959): Linux kernel vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | Sep 4, 2024 | Dec 13, 2024 | Jan 30, 2025 |
Description
In the Linux kernel, the following vulnerability has been resolved:
tracefs: Use generic inode RCU for synchronizing freeing
With structure layout randomization enabled for 'struct inode' we need to
avoid overlapping any of the RCU-used / initialized-only-once members,
e.g. i_lru or i_sb_list to not corrupt related list traversals when making
use of the rcu_head.
For an unlucky structure layout of 'struct inode' we may end up with the
following splat when running the ftrace selftests:
[next (tracefs_inode_cache+0x0/0x4e0 [slab object]) is NULL (prev is tracefs_inode_cache+0x78/0x4e0 [slab object])
[[[[[[] __list_del_entry_valid_or_report+0x138/0x3e0
[ 0b 4c 89 e9 48 89 ea 48 89 ee 48 c7 c7 60 8f dd 89 31 c0 e8 2f
[[[[[[[[[[[[[[[[[[[[[[[[[[
[] ? lock_release+0x175/0x380 fffffe80416afaf0
[] list_lru_del+0x152/0x740 fffffe80416afb48
[] list_lru_del_obj+0x113/0x280 fffffe80416afb88
[] ? _atomic_dec_and_lock+0x119/0x200 fffffe80416afb90
[] iput_final+0x1c4/0x9a0 fffffe80416afbb8
[] dentry_unlink_inode+0x44b/0xaa0 fffffe80416afbf8
[] __dentry_kill+0x23c/0xf00 fffffe80416afc40
[] ? __this_cpu_preempt_check+0x1f/0xa0 fffffe80416afc48
[] ? shrink_dentry_list+0x1c5/0x760 fffffe80416afc70
[] ? shrink_dentry_list+0x51/0x760 fffffe80416afc78
[] shrink_dentry_list+0x288/0x760 fffffe80416afc80
[] shrink_dcache_sb+0x155/0x420 fffffe80416afcc8
[] ? debug_smp_processor_id+0x23/0xa0 fffffe80416afce0
[] ? do_one_tre
---truncated---
Solution(s)
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.