{"vulnerability": "CVE-2024-56743", "sightings": [{"uuid": "89d78cd0-8f63-4419-86a7-fec90b0c1990", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56743", "type": "seen", "source": "https://t.me/cvedetector/13890", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56743 - Linux Kernel: NFS Common Remote Use-After-Free Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56743 \nPublished : Dec. 29, 2024, 12:15 p.m. | 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnfs_common: must not hold RCU while calling nfsd_file_put_local  \n  \nMove holding the RCU from nfs_to_nfsd_file_put_local to  \nnfs_to_nfsd_net_put.  It is the call to nfs_to->nfsd_serv_put that  \nrequires the RCU anyway (the puts for nfsd_file and netns were  \ncombined to avoid an extra indirect reference but that  \nmicro-optimization isn't possible now).  \n  \nThis fixes xfstests generic/013 and it triggering:  \n  \n\"Voluntary context switch within RCU read-side critical section!\"  \n  \n[  143.545738] Call Trace:  \n[  143.546206]    \n[  143.546625]  ? show_regs+0x6d/0x80  \n[  143.547267]  ? __warn+0x91/0x140  \n[  143.547951]  ? rcu_note_context_switch+0x496/0x5d0  \n[  143.548856]  ? report_bug+0x193/0x1a0  \n[  143.549557]  ? handle_bug+0x63/0xa0  \n[  143.550214]  ? exc_invalid_op+0x1d/0x80  \n[  143.550938]  ? asm_exc_invalid_op+0x1f/0x30  \n[  143.551736]  ? rcu_note_context_switch+0x496/0x5d0  \n[  143.552634]  ? wakeup_preempt+0x62/0x70  \n[  143.553358]  __schedule+0xaa/0x1380  \n[  143.554025]  ? _raw_spin_unlock_irqrestore+0x12/0x40  \n[  143.554958]  ? try_to_wake_up+0x1fe/0x6b0  \n[  143.555715]  ? wake_up_process+0x19/0x20  \n[  143.556452]  schedule+0x2e/0x120  \n[  143.557066]  schedule_preempt_disabled+0x19/0x30  \n[  143.557933]  rwsem_down_read_slowpath+0x24d/0x4a0  \n[  143.558818]  ? xfs_efi_item_format+0x50/0xc0 [xfs]  \n[  143.559894]  down_read+0x4e/0xb0  \n[  143.560519]  xlog_cil_commit+0x1b2/0xbc0 [xfs]  \n[  143.561460]  ? _raw_spin_unlock+0x12/0x30  \n[  143.562212]  ? xfs_inode_item_precommit+0xc7/0x220 [xfs]  \n[  143.563309]  ? xfs_trans_run_precommits+0x69/0xd0 [xfs]  \n[  143.564394]  __xfs_trans_commit+0xb5/0x330 [xfs]  \n[  143.565367]  xfs_trans_roll+0x48/0xc0 [xfs]  \n[  143.566262]  xfs_defer_trans_roll+0x57/0x100 [xfs]  \n[  143.567278]  xfs_defer_finish_noroll+0x27a/0x490 [xfs]  \n[  143.568342]  xfs_defer_finish+0x1a/0x80 [xfs]  \n[  143.569267]  xfs_bunmapi_range+0x4d/0xb0 [xfs]  \n[  143.570208]  xfs_itruncate_extents_flags+0x13d/0x230 [xfs]  \n[  143.571353]  xfs_free_eofblocks+0x12e/0x190 [xfs]  \n[  143.572359]  xfs_file_release+0x12d/0x140 [xfs]  \n[  143.573324]  __fput+0xe8/0x2d0  \n[  143.573922]  __fput_sync+0x1d/0x30  \n[  143.574574]  nfsd_filp_close+0x33/0x60 [nfsd]  \n[  143.575430]  nfsd_file_free+0x96/0x150 [nfsd]  \n[  143.576274]  nfsd_file_put+0xf7/0x1a0 [nfsd]  \n[  143.577104]  nfsd_file_put_local+0x18/0x30 [nfsd]  \n[  143.578070]  nfs_close_local_fh+0x101/0x110 [nfs_localio]  \n[  143.579079]  __put_nfs_open_context+0xc9/0x180 [nfs]  \n[  143.580031]  nfs_file_clear_open_context+0x4a/0x60 [nfs]  \n[  143.581038]  nfs_file_release+0x3e/0x60 [nfs]  \n[  143.581879]  __fput+0xe8/0x2d0  \n[  143.582464]  __fput_sync+0x1d/0x30  \n[  143.583108]  __x64_sys_close+0x41/0x80  \n[  143.583823]  x64_sys_call+0x189a/0x20d0  \n[  143.584552]  do_syscall_64+0x64/0x170  \n[  143.585240]  entry_SYSCALL_64_after_hwframe+0x76/0x7e  \n[  143.586185] RIP: 0033:0x7f3c5153efd7 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-29T14:02:23.000000Z"}, {"uuid": "e506c9ef-77a4-4dae-ac07-ccb2fd7b5104", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56743", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3legyoej4hv22", "content": "", "creation_timestamp": "2024-12-29T12:16:00.562982Z"}, {"uuid": "361a4d4a-322c-4cee-acb3-d0c7628b8905", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56743", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113736096698755835", "content": "", "creation_timestamp": "2024-12-29T12:25:09.123192Z"}]}