CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock

First published: Sat Jan 11 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: netfilter: IDLETIMER: Fix for possible ABBA deadlock Deletion of the last rule referencing a given idletimer may happen at the same time as a read of its file in sysfs: | ====================================================== | WARNING: possible circular locking dependency detected | 6.12.0-rc7-01692-g5e9a28f41134-dirty #594 Not tainted | ------------------------------------------------------ | iptables/3303 is trying to acquire lock: | ffff8881057e04b8 (kn->active#48){++++}-{0:0}, at: __kernfs_remove+0x20 | | but task is already holding lock: | ffffffffa0249068 (list_mutex){+.+.}-{3:3}, at: idletimer_tg_destroy_v] | | which lock already depends on the new lock. A simple reproducer is: | #!/bin/bash | | while true; do | iptables -A INPUT -i foo -j IDLETIMER --timeout 10 --label "testme" | iptables -D INPUT -i foo -j IDLETIMER --timeout 10 --label "testme" | done & | while true; do | cat /sys/class/xt_idletimer/timers/testme >/dev/null | done Avoid this by freeing list_mutex right after deleting the element from the list, then continuing with the teardown.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/mitre-cve
• source/MITRE
• agent/references
• agent/title
• agent/description
• agent/first-publish-date
• agent/type
• agent/author
• agent/event
• collector/nvd-api
• source/NVD
• agent/software-canonical-lookup
• agent/weakness
• agent/remedy
• agent/last-modified-date
• agent/severity
• agent/softwarecombine
• agent/tags
• agent/source
• vendor/linux
• canonical/linux linux kernel
• version/linux linux kernel/2.6.36
• version/linux linux kernel/6.7
• version/linux linux kernel/6.13-rc1
• version/linux linux kernel/6.13-rc2