摘要:
In the Linux kernel, the following vulnerability has been resolved:tracing/timerlat: Only clear timer if a kthread existsThe timerlat tracer can use user space threads to check for osnoise andtimer latency. If the program using this is killed via a SIGTERM, thethreads are shutdown one at a time and another tracing instance can startup resetting the threads before they are fully closed. That causes thehrtimer assigned to the kthread to be shutdown and freed twice when thedying thread finally closes the file descriptors, causing a use-after-freebug.Only cancel the hrtimer if the associated thread is still around. Also addthe interface_lock around the resetting of the tlat_var->kthread.Note, this is just a quick fix that can be backported to stable. A realfix is to have a better synchronization between the shutdown of oldthreads and the starting of new ones.
安全等级: Low
公告ID: KylinSec-SA-2024-3922
发布日期: 2024年10月11日
关联CVE: CVE-2024-46845
In the Linux kernel, the following vulnerability has been resolved:tracing/timerlat: Only clear timer if a kthread existsThe timerlat tracer can use user space threads to check for osnoise andtimer latency. If the program using this is killed via a SIGTERM, thethreads are shutdown one at a time and another tracing instance can startup resetting the threads before they are fully closed. That causes thehrtimer assigned to the kthread to be shutdown and freed twice when thedying thread finally closes the file descriptors, causing a use-after-freebug.Only cancel the hrtimer if the associated thread is still around. Also addthe interface_lock around the resetting of the tlat_var->kthread.Note, this is just a quick fix that can be backported to stable. A realfix is to have a better synchronization between the shutdown of oldthreads and the starting of new ones.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2024-46845 | KY3.4-5A | kernel | Unaffected |
| CVE-2024-46845 | KY3.5.2 | kernel | Unaffected |
