Resource Injection Affecting kernel-modules-extra package, versions *
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-CENTOS8-KERNELMODULESEXTRA-7405655
- published 26 Jun 2024
- disclosed 25 Jun 2024
Introduced: 25 Jun 2024
CVE-2024-39293 Open this link in a new tabHow to fix?
There is no fixed version for Centos:8 kernel-modules-extra.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-modules-extra package and not the kernel-modules-extra package as distributed by Centos.
See How to fix? for Centos:8 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
Revert "xsk: Support redirect to any socket bound to the same umem"
This reverts commit 2863d665ea41282379f108e4da6c8a2366ba66db.
This patch introduced a potential kernel crash when multiple napi instances redirect to the same AF_XDP socket. By removing the queue_index check, it is possible for multiple napi instances to access the Rx ring at the same time, which will result in a corrupted ring state which can lead to a crash when flushing the rings in __xsk_flush(). This can happen when the linked list of sockets to flush gets corrupted by concurrent accesses. A quick and small fix is not possible, so let us revert this for now.