CVE-2024-46681
Severity:
MEDIUM
Type:
Unavailable / Other
Publication date:
13/09/2024
Last modified:
19/09/2024
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
pktgen: use cpus_read_lock() in pg_net_init()<br />
<br />
I have seen the WARN_ON(smp_processor_id() != cpu) firing<br />
in pktgen_thread_worker() during tests.<br />
<br />
We must use cpus_read_lock()/cpus_read_unlock()<br />
around the for_each_online_cpu(cpu) loop.<br />
<br />
While we are at it use WARN_ON_ONCE() to avoid a possible syslog flood.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 2.6.12 (including) | 6.10.8 (excluding) |
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page