SB2024071369 - Improper locking in Linux kernel batman-adv
Published: July 13, 2024 Updated: May 13, 2025
Security Bulletin ID
SB2024071369
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2024-40981)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the batadv_purge_orig_ref() function in net/batman-adv/originator.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/79636f636126775436a11ee9cf00a9253a33ac11
- https://git.kernel.org/stable/c/154e3f862ba33675cf3f4abf0a0a309a89df87d2
- https://git.kernel.org/stable/c/82cdea8f3af1e36543c937df963d108c60bea030
- https://git.kernel.org/stable/c/92176caf9896572f00e741a93cecc0ef1172da07
- https://git.kernel.org/stable/c/fed7914858a1f1f3e6350bb0f620d6ef15107d16
- https://git.kernel.org/stable/c/2685008a5f9a636434a8508419cee8158a2f52c8
- https://git.kernel.org/stable/c/ae7f3cffe86aea3da0e8e079525a1ae619b8862a
- https://git.kernel.org/stable/c/40dc8ab605894acae1473e434944924a22cfaaa0
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.317
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.221
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.162
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.279
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.96
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.36