Vulnerability identifier: #VU93375
Vulnerability risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36905
CWE-ID: CWE-362
Exploitation vector: Local
Exploit availability: No
Vulnerable software: Linux kernel (Operating systems & Components / Operating system)
Vendor: Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition in the tcp_send_fin() function in net/ipv4/tcp_output.c, the tcp_rcv_state_process() function in net/ipv4/tcp_input.c, and the tcp_shutdown() and __tcp_close() functions in net/ipv4/tcp.c. A local user can exploit the race to perform a denial of service (DoS) attack.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
Linux kernel: All versions
External links
https://git.kernel.org/stable/c/34e41a031fd7523bf1cd00a2adca2370aebea270
https://git.kernel.org/stable/c/ed5e279b69e007ce6c0fe82a5a534c1b19783214
https://git.kernel.org/stable/c/413c33b9f3bc36fdf719690a78824db9f88a9485
https://git.kernel.org/stable/c/2552c9d9440f8e7a2ed0660911ff00f25b90a0a4
https://git.kernel.org/stable/c/3fe4ef0568a48369b1891395d13ac593b1ba41b1
https://git.kernel.org/stable/c/f47d0d32fa94e815fdd78b8b88684873e67939f4
https://git.kernel.org/stable/c/cbf232ba11bc86a5281b4f00e1151349ef4d45cf
https://git.kernel.org/stable/c/94062790aedb505bdda209b10bea47b294d6394f
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.