Rapid7 Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2024-26898): Linux kernel vulnerabilities

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Ubuntu: (Multiple Advisories) (CVE-2024-26898): Linux kernel vulnerabilities

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
04/17/2024
Created
07/02/2024
Added
07/01/2024
Modified
07/18/2024

Description

In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This patch is against CVE-2023-6270. The description of cve is: A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution. In aoecmd_cfg_pkts(), it always calls dev_put(ifp) when skb initial code is finished. But the net_device ifp will still be used in later tx()->dev_queue_xmit() in kthread. Which means that the dev_put(ifp) should NOT be called in the success path of skb initial code in aoecmd_cfg_pkts(). Otherwise tx() may run into use-after-free because the net_device is freed. This patch removed the dev_put(ifp) in the success path in aoecmd_cfg_pkts(), and added dev_put() after skb xmit in tx().

Solution(s)

  • ubuntu-upgrade-linux-image-4-15-0-1132-oracle
  • ubuntu-upgrade-linux-image-4-15-0-1153-kvm
  • ubuntu-upgrade-linux-image-4-15-0-1163-gcp
  • ubuntu-upgrade-linux-image-4-15-0-1169-aws
  • ubuntu-upgrade-linux-image-4-15-0-1178-azure
  • ubuntu-upgrade-linux-image-4-15-0-226-generic
  • ubuntu-upgrade-linux-image-4-15-0-226-lowlatency
  • ubuntu-upgrade-linux-image-4-4-0-1133-aws
  • ubuntu-upgrade-linux-image-4-4-0-1134-kvm
  • ubuntu-upgrade-linux-image-4-4-0-1171-aws
  • ubuntu-upgrade-linux-image-4-4-0-256-generic
  • ubuntu-upgrade-linux-image-4-4-0-256-lowlatency
  • ubuntu-upgrade-linux-image-5-15-0-1030-xilinx-zynqmp
  • ubuntu-upgrade-linux-image-5-15-0-1046-gkeop
  • ubuntu-upgrade-linux-image-5-15-0-1056-ibm
  • ubuntu-upgrade-linux-image-5-15-0-1057-ibm
  • ubuntu-upgrade-linux-image-5-15-0-1058-intel-iotg
  • ubuntu-upgrade-linux-image-5-15-0-1058-nvidia
  • ubuntu-upgrade-linux-image-5-15-0-1058-nvidia-lowlatency
  • ubuntu-upgrade-linux-image-5-15-0-1060-gke
  • ubuntu-upgrade-linux-image-5-15-0-1060-kvm
  • ubuntu-upgrade-linux-image-5-15-0-1061-oracle
  • ubuntu-upgrade-linux-image-5-15-0-1062-gcp
  • ubuntu-upgrade-linux-image-5-15-0-1063-aws
  • ubuntu-upgrade-linux-image-5-15-0-1065-azure-fde
  • ubuntu-upgrade-linux-image-5-15-0-1066-azure
  • ubuntu-upgrade-linux-image-5-15-0-110-lowlatency
  • ubuntu-upgrade-linux-image-5-15-0-110-lowlatency-64k
  • ubuntu-upgrade-linux-image-5-15-0-112-generic
  • ubuntu-upgrade-linux-image-5-15-0-112-generic-64k
  • ubuntu-upgrade-linux-image-5-15-0-112-generic-lpae
  • ubuntu-upgrade-linux-image-5-15-0-113-generic
  • ubuntu-upgrade-linux-image-5-15-0-113-generic-64k
  • ubuntu-upgrade-linux-image-5-15-0-113-generic-lpae
  • ubuntu-upgrade-linux-image-5-4-0-1047-xilinx-zynqmp
  • ubuntu-upgrade-linux-image-5-4-0-1075-ibm
  • ubuntu-upgrade-linux-image-5-4-0-1088-bluefield
  • ubuntu-upgrade-linux-image-5-4-0-1095-gkeop
  • ubuntu-upgrade-linux-image-5-4-0-1116-kvm
  • ubuntu-upgrade-linux-image-5-4-0-1127-oracle
  • ubuntu-upgrade-linux-image-5-4-0-1132-gcp
  • ubuntu-upgrade-linux-image-5-4-0-1133-azure
  • ubuntu-upgrade-linux-image-5-4-0-189-generic
  • ubuntu-upgrade-linux-image-5-4-0-189-generic-lpae
  • ubuntu-upgrade-linux-image-5-4-0-189-lowlatency
  • ubuntu-upgrade-linux-image-6-5-0-1020-raspi
  • ubuntu-upgrade-linux-image-6-5-0-1023-nvidia
  • ubuntu-upgrade-linux-image-6-5-0-1023-nvidia-64k
  • ubuntu-upgrade-linux-image-6-5-0-1024-azure
  • ubuntu-upgrade-linux-image-6-5-0-1024-azure-fde
  • ubuntu-upgrade-linux-image-6-5-0-1024-gcp
  • ubuntu-upgrade-linux-image-6-5-0-44-generic
  • ubuntu-upgrade-linux-image-6-5-0-44-generic-64k
  • ubuntu-upgrade-linux-image-6-8-0-1004-gke
  • ubuntu-upgrade-linux-image-6-8-0-1005-raspi
  • ubuntu-upgrade-linux-image-6-8-0-1006-ibm
  • ubuntu-upgrade-linux-image-6-8-0-1006-oem
  • ubuntu-upgrade-linux-image-6-8-0-1006-oracle
  • ubuntu-upgrade-linux-image-6-8-0-1006-oracle-64k
  • ubuntu-upgrade-linux-image-6-8-0-1008-azure
  • ubuntu-upgrade-linux-image-6-8-0-1008-azure-fde
  • ubuntu-upgrade-linux-image-6-8-0-1008-gcp
  • ubuntu-upgrade-linux-image-6-8-0-1009-aws
  • ubuntu-upgrade-linux-image-6-8-0-35-generic
  • ubuntu-upgrade-linux-image-6-8-0-35-generic-64k
  • ubuntu-upgrade-linux-image-6-8-0-35-lowlatency
  • ubuntu-upgrade-linux-image-6-8-0-35-lowlatency-64k
  • ubuntu-upgrade-linux-image-aws
  • ubuntu-upgrade-linux-image-aws-hwe
  • ubuntu-upgrade-linux-image-aws-lts-18-04
  • ubuntu-upgrade-linux-image-aws-lts-22-04
  • ubuntu-upgrade-linux-image-azure
  • ubuntu-upgrade-linux-image-azure-fde
  • ubuntu-upgrade-linux-image-azure-fde-lts-22-04
  • ubuntu-upgrade-linux-image-azure-lts-18-04
  • ubuntu-upgrade-linux-image-azure-lts-20-04
  • ubuntu-upgrade-linux-image-azure-lts-22-04
  • ubuntu-upgrade-linux-image-bluefield
  • ubuntu-upgrade-linux-image-gcp
  • ubuntu-upgrade-linux-image-gcp-lts-18-04
  • ubuntu-upgrade-linux-image-gcp-lts-20-04
  • ubuntu-upgrade-linux-image-gcp-lts-22-04
  • ubuntu-upgrade-linux-image-generic
  • ubuntu-upgrade-linux-image-generic-64k
  • ubuntu-upgrade-linux-image-generic-64k-hwe-20-04
  • ubuntu-upgrade-linux-image-generic-64k-hwe-22-04
  • ubuntu-upgrade-linux-image-generic-64k-hwe-24-04
  • ubuntu-upgrade-linux-image-generic-hwe-16-04
  • ubuntu-upgrade-linux-image-generic-hwe-18-04
  • ubuntu-upgrade-linux-image-generic-hwe-20-04
  • ubuntu-upgrade-linux-image-generic-hwe-22-04
  • ubuntu-upgrade-linux-image-generic-hwe-24-04
  • ubuntu-upgrade-linux-image-generic-lpae
  • ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04
  • ubuntu-upgrade-linux-image-generic-lts-xenial
  • ubuntu-upgrade-linux-image-gke
  • ubuntu-upgrade-linux-image-gke-5-15
  • ubuntu-upgrade-linux-image-gkeop
  • ubuntu-upgrade-linux-image-gkeop-5-15
  • ubuntu-upgrade-linux-image-gkeop-5-4
  • ubuntu-upgrade-linux-image-ibm
  • ubuntu-upgrade-linux-image-ibm-classic
  • ubuntu-upgrade-linux-image-ibm-lts-20-04
  • ubuntu-upgrade-linux-image-ibm-lts-24-04
  • ubuntu-upgrade-linux-image-intel
  • ubuntu-upgrade-linux-image-intel-iotg
  • ubuntu-upgrade-linux-image-kvm
  • ubuntu-upgrade-linux-image-lowlatency
  • ubuntu-upgrade-linux-image-lowlatency-64k
  • ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04
  • ubuntu-upgrade-linux-image-lowlatency-hwe-16-04
  • ubuntu-upgrade-linux-image-lowlatency-hwe-18-04
  • ubuntu-upgrade-linux-image-lowlatency-hwe-20-04
  • ubuntu-upgrade-linux-image-lowlatency-lts-xenial
  • ubuntu-upgrade-linux-image-nvidia
  • ubuntu-upgrade-linux-image-nvidia-6-5
  • ubuntu-upgrade-linux-image-nvidia-64k-6-5
  • ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04
  • ubuntu-upgrade-linux-image-nvidia-hwe-22-04
  • ubuntu-upgrade-linux-image-nvidia-lowlatency
  • ubuntu-upgrade-linux-image-oem
  • ubuntu-upgrade-linux-image-oem-20-04
  • ubuntu-upgrade-linux-image-oem-20-04b
  • ubuntu-upgrade-linux-image-oem-20-04c
  • ubuntu-upgrade-linux-image-oem-20-04d
  • ubuntu-upgrade-linux-image-oem-24-04
  • ubuntu-upgrade-linux-image-oem-24-04a
  • ubuntu-upgrade-linux-image-oem-osp1
  • ubuntu-upgrade-linux-image-oracle
  • ubuntu-upgrade-linux-image-oracle-64k
  • ubuntu-upgrade-linux-image-oracle-lts-18-04
  • ubuntu-upgrade-linux-image-oracle-lts-20-04
  • ubuntu-upgrade-linux-image-oracle-lts-22-04
  • ubuntu-upgrade-linux-image-raspi
  • ubuntu-upgrade-linux-image-raspi-nolpae
  • ubuntu-upgrade-linux-image-snapdragon-hwe-18-04
  • ubuntu-upgrade-linux-image-virtual
  • ubuntu-upgrade-linux-image-virtual-hwe-16-04
  • ubuntu-upgrade-linux-image-virtual-hwe-18-04
  • ubuntu-upgrade-linux-image-virtual-hwe-20-04
  • ubuntu-upgrade-linux-image-virtual-hwe-22-04
  • ubuntu-upgrade-linux-image-virtual-hwe-24-04
  • ubuntu-upgrade-linux-image-virtual-lts-xenial
  • ubuntu-upgrade-linux-image-xilinx-zynqmp

References

  • https://attackerkb.com/topics/cve-2024-26898
  • CVE - 2024-26898
  • USN-6816-1
  • USN-6817-1
  • USN-6817-2
  • USN-6817-3
  • USN-6820-1
  • USN-6820-2
  • USN-6821-1
  • USN-6821-2
  • USN-6821-3
  • USN-6821-4
  • USN-6828-1
  • USN-6865-1
  • USN-6866-1
  • USN-6866-2
  • USN-6866-3
  • USN-6871-1
  • USN-6878-1
  • USN-6892-1
  • USN-6895-1
  • USN-6895-2
  • USN-6896-1
  • USN-6896-2
  • USN-6896-3
  • USN-6900-1
View more

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;