Preventing Use-After-Free in cgroup v1
CVE-2024-43853

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 17 August 2024

What is CVE-2024-43853?

A Use-After-Free (UAF) vulnerability exists in the Linux kernel's cgroup/cpuset component. This vulnerability can be triggered during the reading of the /proc/cpuset file, leading to potential instability or security risks. The bug manifests when the cpuset is initialized and a race condition occurs during the mounting and unmounting of cgroups. Specifically, it arises when a reference to a cgroup that is slated for deallocation is retained, posing a risk for unauthorized access or manipulation. The fix involved employing an RCU (Read-Copy-Update) lock in the proc_cpuset_show() function to ensure that the cgroup cannot be freed while it is being accessed, thus mitigating the UAF risk.

Affected Version(s)

Linux a79a908fd2b080977b45bf103184b81c9d11ad07 < 27d6dbdc6485d68075a0ebf8544d6425c1ed84bb

Linux a79a908fd2b080977b45bf103184b81c9d11ad07 < 10aeaa47e4aa2432f29b3e5376df96d7dac5537a

Linux a79a908fd2b080977b45bf103184b81c9d11ad07 < 688325078a8b5badd6e07ae22b27cd04e9947aec

References

https://git.kernel.org/stable/c/27d6dbdc6485d68075a0ebf85...

https://git.kernel.org/stable/c/10aeaa47e4aa2432f29b3e537...

https://git.kernel.org/stable/c/688325078a8b5badd6e07ae22...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 17, 2024
Vulnerability Reserved
Aug 17, 2024

CVE-2024-43853 Data

JSON