Vulnerability identifier: #VU98370
Vulnerability risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47660
CWE-ID: CWE-667
Exploitation vector: Local
Exploit availability: No
Vulnerable software: Linux kernel (Operating systems & Components / Operating system)
Vendor: Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __fsnotify_recalc_mask() function in fs/notify/mark.c and within the fsnotify_sb_delete(), __fsnotify_update_child_dentry_flags() and __fsnotify_parent() functions in fs/notify/fsnotify.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
Linux kernel: All versions
External links
https://git.kernel.org/stable/c/3f3ef1d9f66b93913ce2171120d9226b55acd41d
https://git.kernel.org/stable/c/f9a48bc3dd9099935751458a5bbbea4b7c28abc8
https://git.kernel.org/stable/c/d8c42405fc3507cc43ba7e4986a773c3fc633f6e
https://git.kernel.org/stable/c/fc1b1e135c3f72382f792e6c319fc088d5523ad5
https://git.kernel.org/stable/c/7ef1d2e240c32b1f337a37232d037b07e3919e1a
https://git.kernel.org/stable/c/172e422ffea20a89bfdc672741c1aad6fbb5044e
Can this vulnerability be exploited remotely?
No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.