Rapid7 Vulnerability & Exploit Database

Debian: CVE-2024-36286: linux——安全更新

Free InsightVM Trial 无需信用卡
2024年攻击情报报告 Rapid7实验室的最新研究
Back to Search

Debian: CVE-2024-36286: linux——安全更新

Severity
4
CVSS
(AV: L /交流:米/非盟:N / C: P / I: P / A: P)
Published
06/21/2024
Created
06/28/2024
Added
06/27/2024
Modified
06/27/2024

Description

在Linux内核中,修复了以下漏洞: Netfilter: nfnetlink_queue:获取rcu_read_lock() in instance_destroy_rcu() Syzbot报告说nf_reinject()可以在没有rcu_read_lock()的情况下调用: 警告:可疑的RCU使用 6.9.0 - rc7 syzkaller - 02060 g5c1672705a1a # 0未污染 net/netfilter/nfnetlink_queue.C:263可疑的rcu_dereference_check()用法! 其他可能帮助我们调试的信息: Rcu_scheduler_active = 2, debug_locks = 1 syz-executor持有2个锁.4/13427: #0: ffffff8e334f60 (rcu_callback){....}-{0:0}, at: rcu_lock_acquire include/linux/rcupdate.h:329 [inline] #0: ffffff8e334f60 (rcu_callback){....}-{0:0}, at: rcu_do_batch内核/ rcu /树.c:2190 [inline] #0: ffffff8e334f60 (rcu_callback){....}-{0:0}, at: rcu_core+0xa86/0x1830 kernel/rcu/tree.c:2471 #1: ffff88801ca92958&inst->lock){+.-.}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline] #1: ffff88801ca92958&inst->lock){+.-.}-{2:2}, at: nfqnl_flush net/netfilter/nfnetlink_queue.c:405 [inline] #1: ffff88801ca92958&inst->lock){+.-.}-{2:2}, at: instance_destroy_rcu+0x30/0x220 net/netfilter/nfnetlink_queue.c:172 stack backtrace: CPU: 0 PID: 13427 Comm: syz-executor.4 Not tainted 6.9.0 - rc7 syzkaller - 02060 g5c1672705a1a # 0 硬件名称:Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 Call Trace: __dump_stack lib / dump_stack.c:88 [inline] x241/0x360 lib / dump_stack dump_stack_lvl + 0.c:114 lockdep_rcu_suspicious + 0 /锁定/ lockdep x221/0x340内核.c:6712 nf_reinject net/netfilter/nfnetlink_queue.c:323 [inline] nfqnl_reinject + 0 x6ec / 0 x1120 net/netfilter/nfnetlink_queue.c:397 nfqnl_flush net/netfilter/nfnetlink_queue.c:410 [inline] instance_destroy_rcu + 0 x1ae / 0 x220 net/netfilter/nfnetlink_queue.c:172 rcu_do_batch内核/ rcu /树.c:2196 [inline] rcu_core + 0 xafd / 0 x1830内核/ rcu /树.c:2471 handle_softirqs + 0 x2d6/0x990内核/软中断.c:554 __do_softirq内核/软中断.c:588 [inline] invoke_softirq内核/软中断.c:428 [inline] __irq_exit_rcu + 0 xf4/0x1c0内核/软中断.c:637 irq_exit_rcu + 0 x9/0x30内核/软中断.c:649 instr_sysvec_apic_timer_interrupt拱/ x86 /内核/ apic apic.c:1043 [inline] sysvec_apic_timer_interrupt + 0 xa6/0xc0拱/ x86 /内核/ apic apic.c:1043

Solution(s)

  • debian-upgrade-linux

References

insightVM

高级漏洞管理分析和报告.
Key Features
Free InsightVM Trial View All Features

使用Rapid7实时仪表板, 我对我的网络上的所有资产都有一个清晰的视图, 哪些是可以利用的, 以及我需要做些什么来实时减少环境中的风险. 没有其他工具能给我们这样的价值和洞察力.

- Scott Cheney, Sierra View医疗中心信息安全经理

;