#VU94104 Resource management error in Linux kernel


Published: 2024-07-11

Vulnerability identifier: #VU94104

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27390

CWE-ID: CWE-399

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to the way the synchronize_net() function is called within the ipv6_mc_down() function in net/ipv6/mcast.c, which can lead to long synchronization up to 5 minutes. A remote attacker can perform a denial of service (DoS) attack by initiating multiple connections.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Linux kernel:

External links
http://git.kernel.org/stable/c/9d159d6637ccce25f879d662a480541ef4ba3a50
http://git.kernel.org/stable/c/a03ede2282ebbd181bd6f5c38cbfcb5765afcd04
http://git.kernel.org/stable/c/26d4bac55750d535f1f0b8790dc26daf6089e373
http://git.kernel.org/stable/c/7eb06ee5921189812e6b4bfe7b0f1e878be16df7
http://git.kernel.org/stable/c/5da9a218340a2bc804dc4327e5804392e24a0b88
http://git.kernel.org/stable/c/17ef8efc00b34918b966388b2af0993811895a8c

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Ubuntu update for linux-raspi
Ubuntu update for linux-oracle
Ubuntu update for linux-azure
Ubuntu update for linux-oem-6.8
Ubuntu update for linux
Ubuntu update for linux-ibm-5.15
Ubuntu update for linux-hwe-5.15
Ubuntu update for linux-gkeop
Remote denial of service in Linux kernel ipv6 mcast