What is the severity of CVE-2024-27020?

CVE-2024-27020 has been classified as a medium severity vulnerability due to the potential data race condition in the Linux kernel.

How do I fix CVE-2024-27020?

To fix CVE-2024-27020, update your kernel to versions 5.15.157, 6.1.88, or later versions as specified in the security advisories.

What versions of the Linux kernel are affected by CVE-2024-27020?

CVE-2024-27020 affects various versions of the Linux kernel from 3.13 up to 6.9-rc4, depending on the specific distribution and version.

Who reported the vulnerability CVE-2024-27020?

CVE-2024-27020 was reported as a potential data race condition in the kernel netfilter component.

Is there a workaround for CVE-2024-27020?

Currently, there is no known workaround for CVE-2024-27020, making it essential to apply the recommended kernel updates.

Vulnerability/
CVE-2024-27020

high

CWE

362

1/5/2024

19/12/2024

CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()

First published: Wed May 01 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() nft_unregister_expr() can concurrent with __nft_expr_type_get(), and there is not any protection when iterate over nf_tables_expressions list in __nft_expr_type_get(). Therefore, there is potential data-race of nf_tables_expressions list entry. Use list_for_each_entry_rcu() to iterate over nf_tables_expressions list in __nft_expr_type_get(), and use rcu_read_lock() in the caller nft_expr_type_get() to protect the entire type query process.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
redhat/kernel	<5.15.157	5.15.157
redhat/kernel	<6.1.88	6.1.88
redhat/kernel	<6.6.29	6.6.29
redhat/kernel	<6.8.8	6.8.8
redhat/kernel	<6.9	6.9
debian/linux		5.10.223-1 5.10.226-1 6.1.123-1 6.1.119-1 6.12.9-1 6.12.10-1
Linux Kernel	>=3.13<4.19.313
Linux Kernel	>=4.20<5.4.275
Linux Kernel	>=5.5<5.10.216
Linux Kernel	>=5.11<5.15.157
Linux Kernel	>=5.16<6.1.88
Linux Kernel	>=6.2<6.6.29
Linux Kernel	>=6.7<6.8.8
Linux Kernel	=6.9-rc1
Linux Kernel	=6.9-rc2
Linux Kernel	=6.9-rc3
Linux Kernel	=6.9-rc4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-27020?
CVE-2024-27020 has been classified as a medium severity vulnerability due to the potential data race condition in the Linux kernel.
How do I fix CVE-2024-27020?
To fix CVE-2024-27020, update your kernel to versions 5.15.157, 6.1.88, or later versions as specified in the security advisories.
What versions of the Linux kernel are affected by CVE-2024-27020?
CVE-2024-27020 affects various versions of the Linux kernel from 3.13 up to 6.9-rc4, depending on the specific distribution and version.
Who reported the vulnerability CVE-2024-27020?
CVE-2024-27020 was reported as a potential data race condition in the kernel netfilter component.
Is there a workaround for CVE-2024-27020?
Currently, there is no known workaround for CVE-2024-27020, making it essential to apply the recommended kernel updates.

agent/title
agent/type
agent/weakness
collector/launchpad-cve
source/Launchpad
agent/remedy
agent/author
agent/first-publish-date
agent/severity
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2024-27020
agent/software-canonical-lookup
agent/references
collector/usn-cve
source/Ubuntu
agent/description
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/trending
agent/source
agent/tags
collector/security-tracker-debian
source/Debian
agent/softwarecombine
collector/nvd-cve
source/NVD
agent/software-canonical-lookup-request
collector/nvd-api
package-manager/redhat
package-manager/debian
vendor/linux
canonical/linux kernel
version/linux kernel/3.13
version/linux kernel/4.20
version/linux kernel/5.5
version/linux kernel/5.11
version/linux kernel/5.16
version/linux kernel/6.2
version/linux kernel/6.7
version/linux kernel/6.9-rc1
version/linux kernel/6.9-rc2
version/linux kernel/6.9-rc3
version/linux kernel/6.9-rc4

CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-27020?

How do I fix CVE-2024-27020?

What versions of the Linux kernel are affected by CVE-2024-27020?

Who reported the vulnerability CVE-2024-27020?

Is there a workaround for CVE-2024-27020?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-27020?

How do I fix CVE-2024-27020?

What versions of the Linux kernel are affected by CVE-2024-27020?

Who reported the vulnerability CVE-2024-27020?

Is there a workaround for CVE-2024-27020?