🛡️ CVE-2024-42271
🟠 CVSS 7.8 — High ✅ No Known Exploit CWE-416 NVD
7.8
CVSS Score
0 Low4 Medium7 High9 Critical10

Description

In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucv_sock_close() iucv_sever_path() is called from process context and from bh context. iucv->path is used as indicator whether somebody else is taking care of severing the path (or it is already removed / never existed). This needs to be done with atomic compare and swap, otherwise there is a small window where iucv_sock_close() will try to work with a path that has already been severed and freed by iucv_callback_connrej() called by iucv_tasklet_fn(). Example: [452744.123844] Call Trace: [452744.123845] ([] 0x1e87f03880) [452744.123966] [] iucv_path_sever+0x96/0x138 [452744.124330] [] iucv_sever_path+0xc2/0xd0 [af_iucv] [452744.124336] [] iucv_sock_close+0xa6/0x310 [af_iucv] [452744.124341] [] iucv_sock_release+0x3c/0xd0 [af_iucv] [452744.124345] [] __sock_release+0x5e/0xe8 [452744.124815] [] sock_close+0x34/0x48 [452744.124820] [] __fput+0xba/0x268 [452744.124826] [] task_work_run+0xbc/0xf0 [452744.124832] [] do_notify_resume+0x88/0x90 [452744.124841] [] system_call+0xe2/0x2c8 [452744.125319] Last Breaking-Event-Address: [452744.125321] [] iucv_path_sever+0x90/0x138 [452744.125324] [452744.125325] Kernel panic - not syncing: Fatal exception in interrupt Note that bh_lock_sock() is not serializing the tasklet context against process context, because the check for sock_owned_by_user() and corresponding handling is missing. Ideas for a future clean-up patch: A) Correct usage of bh_lock_sock() in tasklet context, as described in Re-enqueue, if needed. This may require adding return values to the tasklet functions and thus changes to all users of iucv. B) Change iucv tasklet into worker and use only lock_sock() in af_iucv.

Details

Severity HIGH
CVSS Score 7.8
CVSS Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE CWE-416
Public Exploit ✅ No
Source NVD
Published 2024-08-17
Updated 2026-06-02
Modified 2025-11-03

Affected Packages

Software From version Fixed in
linux-kernel

Similar Threats

Site Security Check

Concerned your site may already be targeted?

BotEraser analyzes incoming traffic patterns and helps identify bot behavior consistent with known exploit attempts.

Check My Site Free →

No credit card required  ·  Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.