SB20240608225 - Improper locking in Linux kernel afs
Published: June 8, 2024 Updated: May 13, 2025
Security Bulletin ID
SB20240608225
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2024-26848)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the afs_dir_iterate_block() function in fs/afs/dir.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/5c78be006ed9cb735ac2abf4fd64f3f4ea26da31
- https://git.kernel.org/stable/c/854ebf45a4ddd4cadeffb6644e88d19020634e1a
- https://git.kernel.org/stable/c/96370ba395c572ef496fd2c7afc4a1ab3dedd3f0
- https://git.kernel.org/stable/c/b94f434fe977689da4291dc21717790b9bd1c064
- https://git.kernel.org/stable/c/80b15346492bdba677bbb0adefc611910e505f7b
- https://git.kernel.org/stable/c/a6ffae61ad9ebf2fdcb943135b2f30c85f49cd27
- https://git.kernel.org/stable/c/058ed71e0f7aa3b6694ca357e23d084e5d3f2470
- https://git.kernel.org/stable/c/76426abf9b980b46983f97de8e5b25047b4c9863
- https://git.kernel.org/stable/c/f67898867b6b0f4542cddc7fe57997978b948a7a
- https://git.kernel.org/stable/c/106e14ca55a0acb3236ee98813a1d243f8aa2d05
- https://git.kernel.org/stable/c/fe02316e4933befc621fa125efb8f8b4d04cceec
- https://git.kernel.org/stable/c/9c41f4935625218a2053a2dce1423c3054169809
- https://git.kernel.org/stable/c/5f7a07646655fb4108da527565dcdc80124b14c4
- https://git.kernel.org/stable/c/2afdd0cb02329464d77f3ec59468395c791a51a4
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.2