#VU91473 Race condition in Linux kernel - CVE-2024-27030

Vulnerability identifier: #VU91473

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27030

CWE-ID: CWE-362

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the rvu_queue_work(), rvu_mbox_intr_handler() and rvu_register_interrupts() functions in drivers/net/ethernet/marvell/octeontx2/af/rvu.c. A local user can escalate privileges on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions

---

External links
https://git.kernel.org/stable/c/94cb17e5cf3a3c484063abc0ce4b8a2b2e8c1cb2
https://git.kernel.org/stable/c/766c2627acb2d9d1722cce2e24837044d52d888a
https://git.kernel.org/stable/c/772f18ded0e240cc1fa2b7020cc640e3e5c32b70
https://git.kernel.org/stable/c/29d2550d79a8cbd31e0fbaa5c0e2a2efdc444e44
https://git.kernel.org/stable/c/dc29dd00705a62c77de75b6d752259b869aac49d
https://git.kernel.org/stable/c/ad6759e233db6fcc131055f8e23b4eafbe81053c
https://git.kernel.org/stable/c/4fedae8f9eafa2ac8cdaca58e315f52a7e2a8701
https://git.kernel.org/stable/c/50e60de381c342008c0956fd762e1c26408f372c

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.