PT-2024-1002 · Linux+9 · Linux Kernel+9

Michal Luczaj

Publicado

2024-04-11

Atualizado

2025-09-29

CVE-2024-26923

CVSS v2.0

6.0

Média

Vetor

AV:L/AC:H/Au:S/C:C/I:C/A:C

Nome do software vulnerável e versões afetadas

Kernel do Linux (versões afetadas não especificadas)

Descrição

O problema está relacionado a uma corrida entre o coletor de lixo e a função connect() no kernel do Linux, afetando especificamente os soquetes AF UNIX/SOCK STREAM. O coletor de lixo não leva em conta o risco de um objeto embrionário ser enfileirado durante a coleta de lixo, levando a uma contagem de objetos em trânsito incorretamente elevada e a um ponteiro pendente dentro da lista gc inflight list. Isso pode ocorrer quando um soquete não conectado (S) é usado para enviar uma mensagem a um soquete em voo (L) em escuta vinculado a um endereço, e o descritor de arquivo (fd de V) é passado via sendmsg(), fazendo com que a contagem de voo aumente. A vulnerabilidade pode levar à escalada de privilégios locais devido à corrupção de memória, sem a necessidade de privilégios de execução adicionais, e a interação do usuário não é necessária para a exploração.

Recomendações

No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

Exploit

DoS

Race Condition

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362

Identificadores relacionados

ALSA-2024:7000

ALSA-2024:7001

ALSA-2024:8617

ALSA-2025_16880

ASB-A-336268889

BDU:2024-03615

CESA-2024_7000

CESA-2024_7001

CVE-2024-26923

DLA-3840-1

DLA-3842-1

DSA-5680-1

DSA-5681-1

INFSA-2024_7000

INFSA-2024_7001

INFSA-2024_8617

LSN-0107-1

OESA-2024-1650

OESA-2024-1651

OESA-2024-1652

OESA-2024-1680

OESA-2024-1681

OPENSUSE-SU-2024_2362-1

OPENSUSE-SU-2024_2372-1

OPENSUSE-SU-2024_2394-1

OPENSUSE-SU-2024_3623-1

OPENSUSE-SU-2024_3625-1

OPENSUSE-SU-2024_3631-1

OPENSUSE-SU-2024_3632-1

OPENSUSE-SU-2024_3636-1

OPENSUSE-SU-2024_3639-1

OPENSUSE-SU-2024_3651-1

OPENSUSE-SU-2024_3652-1

OPENSUSE-SU-2024_3661-1

OPENSUSE-SU-2024_3672-1

OPENSUSE-SU-2024_3679-1

OPENSUSE-SU-2024_3685-1

OPENSUSE-SU-2024_3694-1

OPENSUSE-SU-2024_3695-1

OPENSUSE-SU-2024_3696-1

OPENSUSE-SU-2024_3697-1

OPENSUSE-SU-2024_3700-1

OPENSUSE-SU-2024_3701-1

OPENSUSE-SU-2024_3702-1

OPENSUSE-SU-2024_3710-1

OPENSUSE-SU-2024_3774-1

OPENSUSE-SU-2024_3780-1

OPENSUSE-SU-2024_3793-1

OPENSUSE-SU-2024_3798-1

OPENSUSE-SU-2024_3806-1

OPENSUSE-SU-2024_3814-1

OPENSUSE-SU-2024_3815-1

OPENSUSE-SU-2024_3829-1

OPENSUSE-SU-2024_3830-1

OPENSUSE-SU-2024_3831-1

OPENSUSE-SU-2024_3833-1

OPENSUSE-SU-2024_3837-1

OPENSUSE-SU-2024_3840-1

OPENSUSE-SU-2024_3842-1

OPENSUSE-SU-2024_3851-1

OPENSUSE-SU-2024_3852-1

OPENSUSE-SU-2024_3854-1

OPENSUSE-SU-2024_3855-1

OPENSUSE-SU-2024_3857-1

OPENSUSE-SU-2024_3860-1

OPENSUSE-SU-2024_4122-1

OPENSUSE-SU-2024_4123-1

OPENSUSE-SU-2024_4124-1

OPENSUSE-SU-2024_4125-1

OPENSUSE-SU-2024_4127-1

OPENSUSE-SU-2024_4180-1

OPENSUSE-SU-2024_4207-1

OPENSUSE-SU-2024_4214-1

OPENSUSE-SU-2024_4216-1

OPENSUSE-SU-2024_4218-1

OPENSUSE-SU-2024_4228-1

OPENSUSE-SU-2024_4234-1

OPENSUSE-SU-2024_4235-1

OPENSUSE-SU-2024_4236-1

OPENSUSE-SU-2024_4243-1

OPENSUSE-SU-2024_4246-1

OPENSUSE-SU-2024_4256-1

OPENSUSE-SU-2024_4264-1

OPENSUSE-SU-2024_4266-1

OPENSUSE-SU-2024_4275-1

OPENSUSE-SU-2025_0101-1

OPENSUSE-SU-2025_0106-1

OPENSUSE-SU-2025_0107-1

OPENSUSE-SU-2025_0109-1

OPENSUSE-SU-2025_0110-1

OPENSUSE-SU-2025_0114-1

OPENSUSE-SU-2025_0115-1

OPENSUSE-SU-2025_0124-1

OPENSUSE-SU-2025_0131-1

OPENSUSE-SU-2025_0137-1

OPENSUSE-SU-2025_0138-1

OPENSUSE-SU-2025_0146-1

OPENSUSE-SU-2025_0150-1

OPENSUSE-SU-2025_0158-1

OPENSUSE-SU-2025_0164-1

OPENSUSE-SU-2025_0238-1

OPENSUSE-SU-2025_0239-1

OPENSUSE-SU-2025_0240-1

OPENSUSE-SU-2025_0244-1

OPENSUSE-SU-2025_0248-1

OPENSUSE-SU-2025_0249-1

OPENSUSE-SU-2025_0251-1

OPENSUSE-SU-2025_0252-1

OPENSUSE-SU-2025_0253-1

OPENSUSE-SU-2025_0254-1

OPENSUSE-SU-2025_0260-1

OPENSUSE-SU-2025_0261-1

OPENSUSE-SU-2025_0264-1

OPENSUSE-SU-2025_0266-1

RHSA-2024:4823

RHSA-2024:4831

RHSA-2024:6993

RHSA-2024:7000

RHSA-2024:7001

RHSA-2024:7486

RHSA-2024:8617

RHSA-2024_7000

RHSA-2024_7001

RHSA-2024_8617

RLSA-2024:7001

RLSA-2024:8617

SUSE-SU-2024:2135-1

SUSE-SU-2024:2203-1

SUSE-SU-2024:2326-1

SUSE-SU-2024:2335-1

SUSE-SU-2024:2337-1

SUSE-SU-2024:2338-1

SUSE-SU-2024:2341-1

SUSE-SU-2024:2342-1

SUSE-SU-2024:2343-1

SUSE-SU-2024:2344-1

SUSE-SU-2024:2351-1

SUSE-SU-2024:2357-1

SUSE-SU-2024:2358-1

SUSE-SU-2024:2360-1

SUSE-SU-2024:2362-1

SUSE-SU-2024:2365-1

SUSE-SU-2024:2368-1

SUSE-SU-2024:2369-1

SUSE-SU-2024:2372-1

SUSE-SU-2024:2373-1

SUSE-SU-2024:2382-1

SUSE-SU-2024:2394-1

SUSE-SU-2024:2396-1

SUSE-SU-2024:2407-1

SUSE-SU-2024:2410-1

SUSE-SU-2024:2411-1

SUSE-SU-2024:2437-1

SUSE-SU-2024:2446-1

SUSE-SU-2024:2447-1

SUSE-SU-2024:2448-1

SUSE-SU-2024:2449-1

SUSE-SU-2024:2472-1

SUSE-SU-2024:2473-1

SUSE-SU-2024:2474-1

SUSE-SU-2024:2480-1

SUSE-SU-2024:2487-1

SUSE-SU-2024:2488-1

SUSE-SU-2024:2495-1

SUSE-SU-2024:2530-1

SUSE-SU-2024:2549-1

SUSE-SU-2024:2558-1

SUSE-SU-2024:2559-1

SUSE-SU-2024:2561-1

SUSE-SU-2024:2722-1

SUSE-SU-2024:2723-1

SUSE-SU-2024:2725-1

SUSE-SU-2024:2726-1

SUSE-SU-2024:2740-1

SUSE-SU-2024:2751-1

SUSE-SU-2024:2755-1

SUSE-SU-2024:2758-1

SUSE-SU-2024:2759-1

SUSE-SU-2024:2773-1

SUSE-SU-2024:2792-1

SUSE-SU-2024:2797-1

SUSE-SU-2024:2821-1

SUSE-SU-2024:2822-1

SUSE-SU-2024:2823-1

SUSE-SU-2024:2824-1

SUSE-SU-2024:2825-1

SUSE-SU-2024:2840-1

SUSE-SU-2024:2841-1

SUSE-SU-2024:2843-1

SUSE-SU-2024:2850-1

SUSE-SU-2024:2851-1

SUSE-SU-2024:2852-1

SUSE-SU-2024:2853-1

SUSE-SU-2024:2874-1

SUSE-SU-2024:2895-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2973-1

SUSE-SU-2024:3015-1

SUSE-SU-2024:3034-1

SUSE-SU-2024:3037-1

SUSE-SU-2024:3039-1

SUSE-SU-2024:3043-1

SUSE-SU-2024:3044-1

SUSE-SU-2024:3048-1

SUSE-SU-2024:3318-1

SUSE-SU-2024:3319-1

SUSE-SU-2024:3320-1

SUSE-SU-2024:3334-1

SUSE-SU-2024:3336-1

SUSE-SU-2024:3347-1

SUSE-SU-2024:3348-1

SUSE-SU-2024:3349-1

SUSE-SU-2024:3350-1

SUSE-SU-2024:3363-1

SUSE-SU-2024:3365-1

SUSE-SU-2024:3368-1

SUSE-SU-2024:3370-1

SUSE-SU-2024:3375-1

SUSE-SU-2024:3379-1

SUSE-SU-2024:3399-1

SUSE-SU-2024:3623-1

SUSE-SU-2024:3625-1

SUSE-SU-2024:3631-1

SUSE-SU-2024:3632-1

SUSE-SU-2024:3636-1

SUSE-SU-2024:3639-1

SUSE-SU-2024:3642-1

SUSE-SU-2024:3649-1

SUSE-SU-2024:3651-1

SUSE-SU-2024:3652-1

SUSE-SU-2024:3661-1

SUSE-SU-2024:3662-1

SUSE-SU-2024:3663-1

SUSE-SU-2024:3672-1

SUSE-SU-2024:3674-1

SUSE-SU-2024:3676-1

SUSE-SU-2024:3679-1

SUSE-SU-2024:3685-1

SUSE-SU-2024:3694-1

SUSE-SU-2024:3695-1

SUSE-SU-2024:3696-1

SUSE-SU-2024:3697-1

SUSE-SU-2024:3700-1

SUSE-SU-2024:3701-1

SUSE-SU-2024:3702-1

SUSE-SU-2024:3710-1

SUSE-SU-2024:3774-1

SUSE-SU-2024:3780-1

SUSE-SU-2024:3793-1

SUSE-SU-2024:3796-1

SUSE-SU-2024:3798-1

SUSE-SU-2024:3800-1

SUSE-SU-2024:3803-1

SUSE-SU-2024:3806-1

SUSE-SU-2024:3814-1

SUSE-SU-2024:3815-1

SUSE-SU-2024:3820-1

SUSE-SU-2024:3821-1

SUSE-SU-2024:3822-1

SUSE-SU-2024:3829-1

SUSE-SU-2024:3830-1

SUSE-SU-2024:3831-1

SUSE-SU-2024:3833-1

SUSE-SU-2024:3837-1

SUSE-SU-2024:3840-1

SUSE-SU-2024:3842-1

SUSE-SU-2024:3849-1

SUSE-SU-2024:3851-1

SUSE-SU-2024:3852-1

SUSE-SU-2024:3854-1

SUSE-SU-2024:3855-1

SUSE-SU-2024:3857-1

SUSE-SU-2024:3860-1

SUSE-SU-2024:4122-1

SUSE-SU-2024:4123-1

SUSE-SU-2024:4124-1

SUSE-SU-2024:4125-1

SUSE-SU-2024:4127-1

SUSE-SU-2024:4180-1

SUSE-SU-2024:4197-1

SUSE-SU-2024:4207-1

SUSE-SU-2024:4214-1

SUSE-SU-2024:4216-1

SUSE-SU-2024:4218-1

SUSE-SU-2024:4226-1

SUSE-SU-2024:4228-1

SUSE-SU-2024:4231-1

SUSE-SU-2024:4234-1

SUSE-SU-2024:4235-1

SUSE-SU-2024:4236-1

SUSE-SU-2024:4242-1

SUSE-SU-2024:4243-1

SUSE-SU-2024:4246-1

SUSE-SU-2024:4249-1

SUSE-SU-2024:4250-1

SUSE-SU-2024:4256-1

SUSE-SU-2024:4263-1

SUSE-SU-2024:4264-1

SUSE-SU-2024:4266-1

SUSE-SU-2024:4275-1

SUSE-SU-2025:0091-1

SUSE-SU-2025:0097-1

SUSE-SU-2025:0101-1

SUSE-SU-2025:0103-1

SUSE-SU-2025:0106-1

SUSE-SU-2025:0107-1

SUSE-SU-2025:0109-1

SUSE-SU-2025:0110-1

SUSE-SU-2025:0114-1

SUSE-SU-2025:0115-1

SUSE-SU-2025:0124-1

SUSE-SU-2025:0131-1

SUSE-SU-2025:0137-1

SUSE-SU-2025:0138-1

SUSE-SU-2025:0146-1

SUSE-SU-2025:0150-1

SUSE-SU-2025:0158-1

SUSE-SU-2025:0164-1

SUSE-SU-2025:0238-1

SUSE-SU-2025:0239-1

SUSE-SU-2025:0240-1

SUSE-SU-2025:0244-1

SUSE-SU-2025:0248-1

SUSE-SU-2025:0249-1

SUSE-SU-2025:0251-1

SUSE-SU-2025:0252-1

SUSE-SU-2025:0253-1

SUSE-SU-2025:0254-1

SUSE-SU-2025:0260-1

SUSE-SU-2025:0261-1

SUSE-SU-2025:0264-1

SUSE-SU-2025:0266-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

USN-6893-1

USN-6893-2

USN-6893-3

USN-6895-1

USN-6895-2

USN-6895-3

USN-6895-4

USN-6896-1

USN-6896-2

USN-6896-3

USN-6896-4

USN-6896-5

USN-6898-1

USN-6898-2

USN-6898-3

USN-6898-4

USN-6900-1

USN-6917-1

USN-6918-1

USN-6919-1

USN-6926-1

USN-6926-2

USN-6926-3

USN-6927-1

USN-6938-1

USN-7019-1

Produtos afetados

Almalinux

Astra Linux

Centos

Linuxmint

Linux Kernel

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2024-1002 · Linux+9 · Linux Kernel+9

CVE-2024-26923

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4585