Re: CVE-2024-41041: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port().
From: Siddh Raman Pant
Date: Tue Sep 03 2024 - 07:56:43 EST
On Mon, 29 Jul 2024 16:32:36 +0200, Greg Kroah-Hartman wrote:
> In the Linux kernel, the following vulnerability has been resolved:
>
> udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port().
>
> [...]
>
> We had the same bug in TCP and fixed it in commit 871019b22d1b ("net:
> set SOCK_RCU_FREE before inserting socket into hashtable").
>
> Let's apply the same fix for UDP.
>
> [...]
>
> The Linux kernel CVE team has assigned CVE-2024-41041 to this issue.
>
>
> Affected and fixed versions
> ===========================
>
> Issue introduced in 4.20 with commit 6acc9b432e67 and fixed in 5.4.280 with commit 7a67c4e47626
> Issue introduced in 4.20 with commit 6acc9b432e67 and fixed in 5.10.222 with commit 9f965684c57c
These versions don't have the TCP fix backported. Please do so.
Thanks,
Siddh
Attachment:
signature.asc
Description: This is a digitally signed message part