CVE-2024-50210

In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() If get_clock_desc() succeeds, it calls fget() for the clockid's fd, and get the clk->rwsem read lock, so the error path should release the lock to make the lock balance and fput the clockid's fd to make the refcount balance and release the fd related resource. However the below commit left the error path locked behind resulting in unbalanced locking. Check timespec64_valid_strict() before get_clock_desc() to fix it, because the "ts" is not changed after that. [pabeni@redhat.com: fixed commit message typo]

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/1ba33b327c3f88a7baee598979d73ab5b44d41cc	Patch
https://git.kernel.org/stable/c/5f063bbf1ee6b01611c016b54e050a41506eb794	Patch
https://git.kernel.org/stable/c/6e62807c7fbb3c758d233018caf94dfea9c65dbd	Patch
https://git.kernel.org/stable/c/a8219446b95a859488feaade674d13f9efacfa32	Patch
https://git.kernel.org/stable/c/b27330128eca25179637c1816d5a72d6cc408c66	Patch
https://git.kernel.org/stable/c/c7fcfdba35abc9f39b83080c2bce398dad13a943	Patch
https://git.kernel.org/stable/c/d005400262ddaf1ca1666bbcd1acf42fe81d57ce	Patch
https://git.kernel.org/stable/c/e56e0ec1b79f5a6272c6e78b36e9d593aa0449af	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:5.15.169:::::::*
	cpe:2.3:o:linux:linux_kernel:6.1.114:::::::*
	cpe:2.3:o:linux:linux_kernel:6.6.58:::::::*
	cpe:2.3:o:linux:linux_kernel:6.11.5:::::::*
	cpe:2.3:o:linux:linux_kernel:6.12:rc4::::::

History

No history.

Information

Published : 2024-11-08 06:15

Updated : 2024-11-19 16:26

NVD link : CVE-2024-50210

Mitre link : CVE-2024-50210

CVE.ORG link : CVE-2024-50210

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-667

Improper Locking

{"id": "CVE-2024-50210", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-11-08T06:15:17.350", "references": [{"url": "https://git.kernel.org/stable/c/1ba33b327c3f88a7baee598979d73ab5b44d41cc", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/5f063bbf1ee6b01611c016b54e050a41506eb794", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/6e62807c7fbb3c758d233018caf94dfea9c65dbd", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/a8219446b95a859488feaade674d13f9efacfa32", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b27330128eca25179637c1816d5a72d6cc408c66", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c7fcfdba35abc9f39b83080c2bce398dad13a943", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d005400262ddaf1ca1666bbcd1acf42fe81d57ce", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/e56e0ec1b79f5a6272c6e78b36e9d593aa0449af", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-667"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime()\n\nIf get_clock_desc() succeeds, it calls fget() for the clockid's fd,\nand get the clk->rwsem read lock, so the error path should release\nthe lock to make the lock balance and fput the clockid's fd to make\nthe refcount balance and release the fd related resource.\n\nHowever the below commit left the error path locked behind resulting in\nunbalanced locking. Check timespec64_valid_strict() before\nget_clock_desc() to fix it, because the \"ts\" is not changed\nafter that.\n\n[pabeni@redhat.com: fixed commit message typo]"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: posix-clock: posix-clock: Corregir bloqueo desequilibrado en pc_clock_settime() Si get_clock_desc() tiene \u00e9xito, llama a fget() para el fd del clockid y obtiene el bloqueo de lectura clk->rwsem, por lo que la ruta de error deber\u00eda liberar el bloqueo para equilibrar el bloqueo y fput el fd del clockid para equilibrar el refcount y liberar el recurso relacionado con el fd. Sin embargo, la siguiente confirmaci\u00f3n dej\u00f3 la ruta de error bloqueada, lo que result\u00f3 en un bloqueo desequilibrado. Verifique timespec64_valid_strict() antes de get_clock_desc() para corregirlo, porque el \"ts\" no se cambia despu\u00e9s de eso. [pabeni@redhat.com: se corrigi\u00f3 un error tipogr\u00e1fico en el mensaje de confirmaci\u00f3n]"}], "lastModified": "2024-11-19T16:26:34.767", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CEF9F93-A67A-45C9-9C51-0024664ACC19", "versionEndExcluding": "5.11", "versionStartIncluding": "5.10.228"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15.169:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65E5B4C5-20C7-42FD-B670-6B09641CC073"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.1.114:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFC6719E-D39A-44B0-90DD-F606EE505404"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.6.58:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38BA5D36-31FC-4EF3-9E92-9B67AB6F2D42"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "101C7DA2-28FF-4CC0-A476-2C8D49CD2AC5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}