| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024051741-CVE-2024-35812-c804@gregkh> Date: Fri, 17 May 2024 15:23:52 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2024-35812: usb: cdc-wdm: close race between read and workqueue Description =========== In the Linux kernel, the following vulnerability has been resolved: usb: cdc-wdm: close race between read and workqueue wdm_read() cannot race with itself. However, in service_outstanding_interrupt() it can race with the workqueue, which can be triggered by error handling. Hence we need to make sure that the WDM_RESPONDING flag is not just only set but tested. The Linux kernel CVE team has assigned CVE-2024-35812 to this issue. Affected and fixed versions =========================== Issue introduced in 2.6.26 with commit afba937e540c and fixed in 4.19.312 with commit 590441121960 Issue introduced in 2.6.26 with commit afba937e540c and fixed in 4.19.313 with commit 347cca11bb78 Issue introduced in 2.6.26 with commit afba937e540c and fixed in 5.4.274 with commit 3afdcc4e1a00 Issue introduced in 2.6.26 with commit afba937e540c and fixed in 5.4.275 with commit 164be0a82438 Issue introduced in 2.6.26 with commit afba937e540c and fixed in 5.10.215 with commit 9b319f4a8809 Issue introduced in 2.6.26 with commit afba937e540c and fixed in 5.10.216 with commit ab92e11b73b4 Issue introduced in 2.6.26 with commit afba937e540c and fixed in 5.15.154 with commit a86e54a34513 Issue introduced in 2.6.26 with commit afba937e540c and fixed in 5.15.157 with commit 7182175f565f Issue introduced in 2.6.26 with commit afba937e540c and fixed in 6.1.84 with commit 916cd2fcbc1e Issue introduced in 2.6.26 with commit afba937e540c and fixed in 6.1.88 with commit 8672ad663a22 Issue introduced in 2.6.26 with commit afba937e540c and fixed in 6.6.24 with commit da3b75931bb7 Issue introduced in 2.6.26 with commit afba937e540c and fixed in 6.6.29 with commit 2ff436b63998 Issue introduced in 2.6.26 with commit afba937e540c and fixed in 6.7.12 with commit 972360238721 Issue introduced in 2.6.26 with commit afba937e540c and fixed in 6.8.3 with commit 19f955ad9437 Issue introduced in 2.6.26 with commit afba937e540c and fixed in 6.8.8 with commit e4e47e406d74 Issue introduced in 2.6.26 with commit afba937e540c and fixed in 6.9 with commit 339f83612f3a Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2024-35812 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/usb/class/cdc-wdm.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/5904411219601127ffdbd2d622bb5d67f9d8d16c https://git.kernel.org/stable/c/347cca11bb78b9f3c29b45a9c52e70258bd008bf https://git.kernel.org/stable/c/3afdcc4e1a00facad210f5c5891bb2fbc026067f https://git.kernel.org/stable/c/164be0a824387301312689bb29b2be92ab2cd39d https://git.kernel.org/stable/c/9b319f4a88094b2e020e6db6e819c808d890098d https://git.kernel.org/stable/c/ab92e11b73b48b79f144421430891f3aa6242656 https://git.kernel.org/stable/c/a86e54a345139f1a7668c9f83bdc7ac6f91b6f78 https://git.kernel.org/stable/c/7182175f565ffffa2ba1911726c5656bfc7a1bae https://git.kernel.org/stable/c/916cd2fcbc1e344bcabf4b2a834cdf5a0417d30c https://git.kernel.org/stable/c/8672ad663a22d0e4a325bb7d817b36ec412b967c https://git.kernel.org/stable/c/da3b75931bb737be74d6b4341e0080f233ed1409 https://git.kernel.org/stable/c/2ff436b6399859e06539a2b9c667897d3cc85ad5 https://git.kernel.org/stable/c/9723602387217caa71d623ffcce314dc39e84a09 https://git.kernel.org/stable/c/19f955ad9437a6859a529af34e2eafd903d5e7c1 https://git.kernel.org/stable/c/e4e47e406d74cab601b2ab21ba5e3add811e05ae https://git.kernel.org/stable/c/339f83612f3a569b194680768b22bf113c26a29d
Powered by blists - more mailing lists