Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2024-39463: SUSE Linux Security Advisory

Free InsightVM Trial No Credit Card Necessary

2024 Attack Intel Report Latest research by Rapid7 Labs

Back to Search

SUSE: CVE-2024-39463: SUSE Linux Security Advisory

Severity

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

06/25/2024

Created

07/23/2024

Added

07/23/2024

Modified

08/28/2024

Description

In the Linux kernel, the following vulnerability has been resolved: 9p: add missing locking around taking dentry fid list Fix a use-after-free on dentry's d_fsdata fid list when a thread looks up a fid through dentry while another thread unlinks it: UAF thread: refcount_t: addition on 0; use-after-free. p9_fid_get linux/./include/net/9p/client.h:262 v9fs_fid_find+0x236/0x280 linux/fs/9p/fid.c:129 v9fs_fid_lookup_with_uid linux/fs/9p/fid.c:181 v9fs_fid_lookup+0xbf/0xc20 linux/fs/9p/fid.c:314 v9fs_vfs_getattr_dotl+0xf9/0x360 linux/fs/9p/vfs_inode_dotl.c:400 vfs_statx+0xdd/0x4d0 linux/fs/stat.c:248 Freed by: p9_fid_destroy (inlined) p9_client_clunk+0xb0/0xe0 linux/net/9p/client.c:1456 p9_fid_put linux/./include/net/9p/client.h:278 v9fs_dentry_release+0xb5/0x140 linux/fs/9p/vfs_dentry.c:55 v9fs_remove+0x38f/0x620 linux/fs/9p/vfs_inode.c:518 vfs_unlink+0x29a/0x810 linux/fs/namei.c:4335 The problem is that d_fsdata was not accessed under d_lock, because d_release() normally is only called once the dentry is otherwise no longer accessible but since we also call it explicitly in v9fs_remove that lock is required: move the hlist out of the dentry under lock then unref its fids once they are no longer accessible.

Solution(s)

suse-upgrade-cluster-md-kmp-64kb
suse-upgrade-cluster-md-kmp-azure
suse-upgrade-cluster-md-kmp-default
suse-upgrade-cluster-md-kmp-rt
suse-upgrade-dlm-kmp-64kb
suse-upgrade-dlm-kmp-azure
suse-upgrade-dlm-kmp-default
suse-upgrade-dlm-kmp-rt
suse-upgrade-dtb-allwinner
suse-upgrade-dtb-altera
suse-upgrade-dtb-amazon
suse-upgrade-dtb-amd
suse-upgrade-dtb-amlogic
suse-upgrade-dtb-apm
suse-upgrade-dtb-apple
suse-upgrade-dtb-arm
suse-upgrade-dtb-broadcom
suse-upgrade-dtb-cavium
suse-upgrade-dtb-exynos
suse-upgrade-dtb-freescale
suse-upgrade-dtb-hisilicon
suse-upgrade-dtb-lg
suse-upgrade-dtb-marvell
suse-upgrade-dtb-mediatek
suse-upgrade-dtb-nvidia
suse-upgrade-dtb-qcom
suse-upgrade-dtb-renesas
suse-upgrade-dtb-rockchip
suse-upgrade-dtb-socionext
suse-upgrade-dtb-sprd
suse-upgrade-dtb-xilinx
suse-upgrade-gfs2-kmp-64kb
suse-upgrade-gfs2-kmp-azure
suse-upgrade-gfs2-kmp-default
suse-upgrade-gfs2-kmp-rt
suse-upgrade-kernel-64kb
suse-upgrade-kernel-64kb-devel
suse-upgrade-kernel-64kb-extra
suse-upgrade-kernel-64kb-livepatch-devel
suse-upgrade-kernel-64kb-optional
suse-upgrade-kernel-azure
suse-upgrade-kernel-azure-devel
suse-upgrade-kernel-azure-extra
suse-upgrade-kernel-azure-livepatch-devel
suse-upgrade-kernel-azure-optional
suse-upgrade-kernel-azure-vdso
suse-upgrade-kernel-debug
suse-upgrade-kernel-debug-devel
suse-upgrade-kernel-debug-livepatch-devel
suse-upgrade-kernel-debug-vdso
suse-upgrade-kernel-default
suse-upgrade-kernel-default-base
suse-upgrade-kernel-default-base-rebuild
suse-upgrade-kernel-default-devel
suse-upgrade-kernel-default-extra
suse-upgrade-kernel-default-livepatch
suse-upgrade-kernel-default-livepatch-devel
suse-upgrade-kernel-default-optional
suse-upgrade-kernel-default-vdso
suse-upgrade-kernel-devel
suse-upgrade-kernel-devel-azure
suse-upgrade-kernel-devel-rt
suse-upgrade-kernel-docs
suse-upgrade-kernel-docs-html
suse-upgrade-kernel-kvmsmall
suse-upgrade-kernel-kvmsmall-devel
suse-upgrade-kernel-kvmsmall-livepatch-devel
suse-upgrade-kernel-kvmsmall-vdso
suse-upgrade-kernel-macros
suse-upgrade-kernel-obs-build
suse-upgrade-kernel-obs-qa
suse-upgrade-kernel-rt
suse-upgrade-kernel-rt-devel
suse-upgrade-kernel-rt-extra
suse-upgrade-kernel-rt-livepatch
suse-upgrade-kernel-rt-livepatch-devel
suse-upgrade-kernel-rt-optional
suse-upgrade-kernel-rt-vdso
suse-upgrade-kernel-rt_debug
suse-upgrade-kernel-rt_debug-devel
suse-upgrade-kernel-rt_debug-livepatch-devel
suse-upgrade-kernel-rt_debug-vdso
suse-upgrade-kernel-source
suse-upgrade-kernel-source-azure
suse-upgrade-kernel-source-rt
suse-upgrade-kernel-source-vanilla
suse-upgrade-kernel-syms
suse-upgrade-kernel-syms-azure
suse-upgrade-kernel-syms-rt
suse-upgrade-kernel-zfcpdump
suse-upgrade-kselftests-kmp-64kb
suse-upgrade-kselftests-kmp-azure
suse-upgrade-kselftests-kmp-default
suse-upgrade-kselftests-kmp-rt
suse-upgrade-ocfs2-kmp-64kb
suse-upgrade-ocfs2-kmp-azure
suse-upgrade-ocfs2-kmp-default
suse-upgrade-ocfs2-kmp-rt
suse-upgrade-reiserfs-kmp-64kb
suse-upgrade-reiserfs-kmp-azure
suse-upgrade-reiserfs-kmp-default
suse-upgrade-reiserfs-kmp-rt

References

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2024-39463: SUSE Linux Security Advisory

SUSE: CVE-2024-39463: SUSE Linux Security Advisory

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.