SB20241022133 - Improper locking in Linux kernel
Published: October 22, 2024 Updated: May 12, 2025
Security Bulletin ID
SB20241022133
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2024-47739)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the padata_do_serial() function in kernel/padata.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/46c4079460f4dcaf445860679558eedef4e1bc91
- https://git.kernel.org/stable/c/72164d5b648951684b1a593996b37a6083c61d7d
- https://git.kernel.org/stable/c/ab205e1c3846326f162180e56825b4ba38ce9c30
- https://git.kernel.org/stable/c/1b8cf11b3ca593a8802a51802cd0c28c38501428
- https://git.kernel.org/stable/c/9e279e6c1f012b82628b89e1b9c65dbefa8ca25a
- https://git.kernel.org/stable/c/1bd712de96ad7167fe0d608e706cd60587579f16
- https://git.kernel.org/stable/c/9a22b2812393d93d84358a760c347c21939029a6
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.227
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.168
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.113
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10.13
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.11.2
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.54