In the Linux kernel, the following vulnerability has been resolved:
net: fix possible store tearing in neigh_periodic_work()
While looking at a related syzbot report involving neigh_periodic_work(),
I found that I forgot to add an annotation when deleting an
RCU protected item from a list.
Readers use rcu_deference(*np), we need to use either
rcu_assign_pointer() or WRITE_ONCE() on writer side
to prevent store tearing.
I use rcu_assign_pointer() to have lockdep support,
this was the choice made in neigh_flush_dev().
Metrics
Affected Vendors & Products
References
History
Wed, 13 Nov 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_eus:9.2 cpe:/a:redhat:rhel_eus:9.2::nfv |
Mon, 04 Nov 2024 13:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 24 Sep 2024 11:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Eus Redhat rhel Tus |
|
CPEs | cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:rhel_aus:8.6 cpe:/o:redhat:rhel_e4s:8.6 cpe:/o:redhat:rhel_eus:8.8 cpe:/o:redhat:rhel_tus:8.6 |
|
Vendors & Products |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Eus Redhat rhel Tus |
Tue, 24 Sep 2024 06:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:8::nfv |
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-03-02T21:52:29.710Z
Updated: 2024-11-06T19:54:03.263Z
Reserved: 2024-02-20T12:30:33.317Z
Link: CVE-2023-52522
Vulnrichment
Updated: 2024-08-02T23:03:20.631Z
NVD
Status : Awaiting Analysis
Published: 2024-03-02T22:15:48.170
Modified: 2024-11-21T08:39:57.493
Link: CVE-2023-52522
Redhat