FKIE_CVE-2024-41081
Vulnerability from fkie_nvd - Published: 2024-07-29 15:15 - Updated: 2026-06-17 07:47
Severity
Summary
In the Linux kernel, the following vulnerability has been resolved:
ila: block BH in ila_output()
As explained in commit 1378817486d6 ("tipc: block BH
before using dst_cache"), net/core/dst_cache.c
helpers need to be called with BH disabled.
ila_output() is called from lwtunnel_output()
possibly from process context, and under rcu_read_lock().
We might be interrupted by a softirq, re-enter ila_output()
and corrupt dst_cache data structures.
Fix the race by using local_bh_disable().
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | 6.10 | |
| linux | linux_kernel | 6.10 |
{
"affected": [
{
"affectedData": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/ipv6/ila/ila_lwt.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7435bd2f84a25aba607030237261b3795ba782da",
"status": "affected",
"version": "79ff2fc31e0f6a52eeb67fb89fba87e822b9b7b5",
"versionType": "git"
},
{
"lessThan": "96103371091c6476eb07f4c66624bdd1b42f758a",
"status": "affected",
"version": "79ff2fc31e0f6a52eeb67fb89fba87e822b9b7b5",
"versionType": "git"
},
{
"lessThan": "a0cafb7b0b94d18e4813ee4b712a056f280e7b5a",
"status": "affected",
"version": "79ff2fc31e0f6a52eeb67fb89fba87e822b9b7b5",
"versionType": "git"
},
{
"lessThan": "feac2391e26b086f73be30e9b1ab215eada8d830",
"status": "affected",
"version": "79ff2fc31e0f6a52eeb67fb89fba87e822b9b7b5",
"versionType": "git"
},
{
"lessThan": "b4eb25a3d70df925a9fa4e82d17a958a0a228f5f",
"status": "affected",
"version": "79ff2fc31e0f6a52eeb67fb89fba87e822b9b7b5",
"versionType": "git"
},
{
"lessThan": "522c3336c2025818fa05e9daf0ac35711e55e316",
"status": "affected",
"version": "79ff2fc31e0f6a52eeb67fb89fba87e822b9b7b5",
"versionType": "git"
},
{
"lessThan": "9f9c79d8e527d867e0875868b14fb76e6011e70c",
"status": "affected",
"version": "79ff2fc31e0f6a52eeb67fb89fba87e822b9b7b5",
"versionType": "git"
},
{
"lessThan": "cf28ff8e4c02e1ffa850755288ac954b6ff0db8c",
"status": "affected",
"version": "79ff2fc31e0f6a52eeb67fb89fba87e822b9b7b5",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/ipv6/ila/ila_lwt.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.10"
},
{
"lessThan": "4.10",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.319",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.281",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.223",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.164",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.101",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.42",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.11",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC91FCE2-5F13-4563-A586-2C2CA2D6D8F2",
"versionEndExcluding": "4.19.319",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92317F4D-6FF1-4A82-8834-52B023F0A242",
"versionEndExcluding": "5.4.281",
"versionStartIncluding": "4.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12CD4E48-26A1-40B4-AF6A-1CC066193F4C",
"versionEndExcluding": "5.10.223",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D6B1E23-6E6C-4761-ACD4-EA687A95F56F",
"versionEndExcluding": "5.15.164",
"versionStartIncluding": "5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B46438B-72B8-4053-8554-94AED3EB13EB",
"versionEndExcluding": "6.1.101",
"versionStartIncluding": "5.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "972274A2-D688-4C37-BE42-689B58B4C225",
"versionEndExcluding": "6.6.42",
"versionStartIncluding": "6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01E300B3-8B39-4A2D-8B03-4631433D3915",
"versionEndExcluding": "6.9.11",
"versionStartIncluding": "6.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: block BH in ila_output()\n\nAs explained in commit 1378817486d6 (\"tipc: block BH\nbefore using dst_cache\"), net/core/dst_cache.c\nhelpers need to be called with BH disabled.\n\nila_output() is called from lwtunnel_output()\npossibly from process context, and under rcu_read_lock().\n\nWe might be interrupted by a softirq, re-enter ila_output()\nand corrupt dst_cache data structures.\n\nFix the race by using local_bh_disable()."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ila: bloquear BH en ila_output() Como se explica en la confirmaci\u00f3n 1378817486d6 (\"tipc: bloquear BH antes de usar dst_cache\"), los ayudantes net/core/dst_cache.c deben llamarse con BH desactivado. ila_output() se llama desde lwtunnel_output() posiblemente desde el contexto del proceso y bajo rcu_read_lock(). Podr\u00edamos ser interrumpidos por un softirq, volver a ingresar a ila_output() y da\u00f1ar las estructuras de datos dst_cache. Arregle la carrera usando local_bh_disable()."
}
],
"id": "CVE-2024-41081",
"lastModified": "2026-06-17T07:47:14.487",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2024-41081",
"options": [
{
"exploitation": "none"
},
{
"automatable": "no"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T16:21:05.349089Z",
"version": "2.0.3"
}
}
]
},
"published": "2024-07-29T15:15:15.593",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/522c3336c2025818fa05e9daf0ac35711e55e316"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/7435bd2f84a25aba607030237261b3795ba782da"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/96103371091c6476eb07f4c66624bdd1b42f758a"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/9f9c79d8e527d867e0875868b14fb76e6011e70c"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/a0cafb7b0b94d18e4813ee4b712a056f280e7b5a"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/b4eb25a3d70df925a9fa4e82d17a958a0a228f5f"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/cf28ff8e4c02e1ffa850755288ac954b6ff0db8c"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/feac2391e26b086f73be30e9b1ab215eada8d830"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/522c3336c2025818fa05e9daf0ac35711e55e316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/7435bd2f84a25aba607030237261b3795ba782da"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/96103371091c6476eb07f4c66624bdd1b42f758a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/9f9c79d8e527d867e0875868b14fb76e6011e70c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/a0cafb7b0b94d18e4813ee4b712a056f280e7b5a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/b4eb25a3d70df925a9fa4e82d17a958a0a228f5f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/cf28ff8e4c02e1ffa850755288ac954b6ff0db8c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/feac2391e26b086f73be30e9b1ab215eada8d830"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…