CVE-2024-41005
Published: Jul 12, 2024
Modified: May 12, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: netpoll: Fix race condition in netpoll_owner_active KCSAN detected a race condition in netpoll: BUG: KCSAN: data-race in net_rx_action / netpoll_send_skb write (marked) to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10: net_rx_action (./include/linux/netpoll.h:90 net/core/dev.c:6712 net/core/dev.c:6822) <snip> read to 0xffff8881164168b0 of 4 bytes by task 1 on cpu 2: netpoll_send_skb (net/core/netpoll.c:319 net/core/netpoll.c:345 net/core/netpoll.c:393) netpoll_send_udp (net/core/netpoll.c:?) <snip> value changed: 0x0000000a -> 0xffffffff This happens because netpoll_owner_active() needs to check if the current CPU is the owner of the lock, touching napi->poll_owner non atomically. The ->poll_owner field contains the current CPU holding the lock. Use an atomic read to check if the poll owner is the current CPU.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 89c4b442b78bdba388337cc746fe63caba85f46c - < 43c0ca793a18578a0f5b305dd77fcf7ed99f1265affected 89c4b442b78bdba388337cc746fe63caba85f46c - < efd29cd9c7b8369dfc7bcb34637e6bf1a188aa8eaffected 89c4b442b78bdba388337cc746fe63caba85f46c - < 96826b16ef9c6568d31a1f6ceaa266411a46e46caffected 89c4b442b78bdba388337cc746fe63caba85f46c - < 3f1a155950a1685ffd0fd7175b3f671da8771f3daffected 89c4b442b78bdba388337cc746fe63caba85f46c - < a130e7da73ae93afdb4659842267eec734ffbd57+1 more versions |
Linux | Linux | affected 4.10unaffected 0 - < 4.10unaffected 5.10.221 - <= 5.10.*unaffected 5.15.162 - <= 5.15.*unaffected 6.1.96 - <= 6.1.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now