CVE-2024-50294

Published: Nov 19, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing locking causing hanging calls If a call gets aborted (e.g. because kafs saw a signal) between it being queued for connection and the I/O thread picking up the call, the abort will be prioritised over the connection and it will be removed from local->new_client_calls by rxrpc_disconnect_client_call() without a lock being held. This may cause other calls on the list to disappear if a race occurs. Fix this by taking the client_call_lock when removing a call from whatever list its ->wait_link happens to be on.

Vendor	Product	Versions
Linux	Linux	affected `9d35d880e0e4a3ab32d8c12f9e4d76198aadd42d - < 996a7208dadbf2cdda8d51444d5ee1fdd1ccbc92` affected `9d35d880e0e4a3ab32d8c12f9e4d76198aadd42d - < b1fdb0bb3b6513f5bd26f92369fd6ac1a2422d8b` affected `9d35d880e0e4a3ab32d8c12f9e4d76198aadd42d - < fc9de52de38f656399d2ce40f7349a6b5f86e787`
Linux	Linux	affected `6.2` unaffected `0 - < 6.2` unaffected `6.6.61 - <= 6.6.` unaffected `6.11.8 - <= 6.11.` unaffected `6.12 - <= *`

References

https://git.kernel.org/stable/c/996a7208dadbf2cdda8d51444d5ee1fdd1ccbc92

https://git.kernel.org/stable/c/b1fdb0bb3b6513f5bd26f92369fd6ac1a2422d8b

https://git.kernel.org/stable/c/fc9de52de38f656399d2ce40f7349a6b5f86e787

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-50294

Description

Affected Products

References