lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 15 Mar 2024 21:15:01 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: CVE-2021-47111: xen-netback: take a reference to the RX task thread

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

xen-netback: take a reference to the RX task thread

Do this in order to prevent the task from being freed if the thread
returns (which can be triggered by the frontend) before the call to
kthread_stop done as part of the backend tear down. Not taking the
reference will lead to a use-after-free in that scenario. Such
reference was taken before but dropped as part of the rework done in
2ac061ce97f4.

Reintroduce the reference taking and add a comment this time
explaining why it's needed.

This is XSA-374 / CVE-2021-28691.

The Linux kernel CVE team has assigned CVE-2021-47111 to this issue.


Affected and fixed versions
===========================

	Issue introduced in 5.5 with commit 2ac061ce97f4 and fixed in 5.10.43 with commit 6b53db8c4c14
	Issue introduced in 5.5 with commit 2ac061ce97f4 and fixed in 5.12.10 with commit caec9bcaeb1a
	Issue introduced in 5.5 with commit 2ac061ce97f4 and fixed in 5.13 with commit 107866a8eb0b

Please see https://www.kernel.org or a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions.  The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2021-47111
will be updated if fixes are backported, please check that for the most
up to date information about this issue.


Affected files
==============

The file(s) affected by this issue are:
	drivers/net/xen-netback/interface.c


Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes.  Individual
changes are never tested alone, but rather are part of a larger kernel
release.  Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all.  If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
	https://git.kernel.org/stable/c/6b53db8c4c14b4e7256f058d202908b54a7b85b4
	https://git.kernel.org/stable/c/caec9bcaeb1a5f03f2d406305355c853af10c13e
	https://git.kernel.org/stable/c/107866a8eb0b664675a260f1ba0655010fac1e08

Powered by blists - more mailing lists