PT-2024-1002 · Linux+9 · Linux Kernel+9

Michal Luczaj

Published

2024-04-11

Updated

2025-09-29

CVE-2024-26923

CVSS v2.0

6.0

Medium

Vector

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a garbage collector racing against connect() in the Linux kernel, specifically affecting AF UNIX/SOCK STREAM sockets. The garbage collector does not account for the risk of an embryo getting enqueued during garbage collection, leading to an incorrectly elevated inflight count and a dangling pointer within the gc inflight list. This can occur when an unconnected socket (S) is used to send a message to a listening in-flight socket (L) bound to an address, and the file descriptor (V's fd) is passed via sendmsg(), getting the inflight count bumped. The vulnerability can lead to local privilege escalation due to memory corruption, with no additional execution privileges needed, and user interaction is not required for exploitation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

ALSA-2024:7000

ALSA-2024:7001

ALSA-2024:8617

ALSA-2025_16880

ASB-A-336268889

BDU:2024-03615

CESA-2024_7000

CESA-2024_7001

CVE-2024-26923

DLA-3840-1

DLA-3842-1

DSA-5680-1

DSA-5681-1

INFSA-2024_7000

INFSA-2024_7001

INFSA-2024_8617

LSN-0107-1

OESA-2024-1650

OESA-2024-1651

OESA-2024-1652

OESA-2024-1680

OESA-2024-1681

OPENSUSE-SU-2024_2362-1

OPENSUSE-SU-2024_2372-1

OPENSUSE-SU-2024_2394-1

OPENSUSE-SU-2024_3623-1

OPENSUSE-SU-2024_3625-1

OPENSUSE-SU-2024_3631-1

OPENSUSE-SU-2024_3632-1

OPENSUSE-SU-2024_3636-1

OPENSUSE-SU-2024_3639-1

OPENSUSE-SU-2024_3651-1

OPENSUSE-SU-2024_3652-1

OPENSUSE-SU-2024_3661-1

OPENSUSE-SU-2024_3672-1

OPENSUSE-SU-2024_3679-1

OPENSUSE-SU-2024_3685-1

OPENSUSE-SU-2024_3694-1

OPENSUSE-SU-2024_3695-1

OPENSUSE-SU-2024_3696-1

OPENSUSE-SU-2024_3697-1

OPENSUSE-SU-2024_3700-1

OPENSUSE-SU-2024_3701-1

OPENSUSE-SU-2024_3702-1

OPENSUSE-SU-2024_3710-1

OPENSUSE-SU-2024_3774-1

OPENSUSE-SU-2024_3780-1

OPENSUSE-SU-2024_3793-1

OPENSUSE-SU-2024_3798-1

OPENSUSE-SU-2024_3806-1

OPENSUSE-SU-2024_3814-1

OPENSUSE-SU-2024_3815-1

OPENSUSE-SU-2024_3829-1

OPENSUSE-SU-2024_3830-1

OPENSUSE-SU-2024_3831-1

OPENSUSE-SU-2024_3833-1

OPENSUSE-SU-2024_3837-1

OPENSUSE-SU-2024_3840-1

OPENSUSE-SU-2024_3842-1

OPENSUSE-SU-2024_3851-1

OPENSUSE-SU-2024_3852-1

OPENSUSE-SU-2024_3854-1

OPENSUSE-SU-2024_3855-1

OPENSUSE-SU-2024_3857-1

OPENSUSE-SU-2024_3860-1

OPENSUSE-SU-2024_4122-1

OPENSUSE-SU-2024_4123-1

OPENSUSE-SU-2024_4124-1

OPENSUSE-SU-2024_4125-1

OPENSUSE-SU-2024_4127-1

OPENSUSE-SU-2024_4180-1

OPENSUSE-SU-2024_4207-1

OPENSUSE-SU-2024_4214-1

OPENSUSE-SU-2024_4216-1

OPENSUSE-SU-2024_4218-1

OPENSUSE-SU-2024_4228-1

OPENSUSE-SU-2024_4234-1

OPENSUSE-SU-2024_4235-1

OPENSUSE-SU-2024_4236-1

OPENSUSE-SU-2024_4243-1

OPENSUSE-SU-2024_4246-1

OPENSUSE-SU-2024_4256-1

OPENSUSE-SU-2024_4264-1

OPENSUSE-SU-2024_4266-1

OPENSUSE-SU-2024_4275-1

OPENSUSE-SU-2025_0101-1

OPENSUSE-SU-2025_0106-1

OPENSUSE-SU-2025_0107-1

OPENSUSE-SU-2025_0109-1

OPENSUSE-SU-2025_0110-1

OPENSUSE-SU-2025_0114-1

OPENSUSE-SU-2025_0115-1

OPENSUSE-SU-2025_0124-1

OPENSUSE-SU-2025_0131-1

OPENSUSE-SU-2025_0137-1

OPENSUSE-SU-2025_0138-1

OPENSUSE-SU-2025_0146-1

OPENSUSE-SU-2025_0150-1

OPENSUSE-SU-2025_0158-1

OPENSUSE-SU-2025_0164-1

OPENSUSE-SU-2025_0238-1

OPENSUSE-SU-2025_0239-1

OPENSUSE-SU-2025_0240-1

OPENSUSE-SU-2025_0244-1

OPENSUSE-SU-2025_0248-1

OPENSUSE-SU-2025_0249-1

OPENSUSE-SU-2025_0251-1

OPENSUSE-SU-2025_0252-1

OPENSUSE-SU-2025_0253-1

OPENSUSE-SU-2025_0254-1

OPENSUSE-SU-2025_0260-1

OPENSUSE-SU-2025_0261-1

OPENSUSE-SU-2025_0264-1

OPENSUSE-SU-2025_0266-1

RHSA-2024:4823

RHSA-2024:4831

RHSA-2024:6993

RHSA-2024:7000

RHSA-2024:7001

RHSA-2024:7486

RHSA-2024:8617

RHSA-2024_7000

RHSA-2024_7001

RHSA-2024_8617

RLSA-2024:7001

RLSA-2024:8617

SUSE-SU-2024:2135-1

SUSE-SU-2024:2203-1

SUSE-SU-2024:2326-1

SUSE-SU-2024:2335-1

SUSE-SU-2024:2337-1

SUSE-SU-2024:2338-1

SUSE-SU-2024:2341-1

SUSE-SU-2024:2342-1

SUSE-SU-2024:2343-1

SUSE-SU-2024:2344-1

SUSE-SU-2024:2351-1

SUSE-SU-2024:2357-1

SUSE-SU-2024:2358-1

SUSE-SU-2024:2360-1

SUSE-SU-2024:2362-1

SUSE-SU-2024:2365-1

SUSE-SU-2024:2368-1

SUSE-SU-2024:2369-1

SUSE-SU-2024:2372-1

SUSE-SU-2024:2373-1

SUSE-SU-2024:2382-1

SUSE-SU-2024:2394-1

SUSE-SU-2024:2396-1

SUSE-SU-2024:2407-1

SUSE-SU-2024:2410-1

SUSE-SU-2024:2411-1

SUSE-SU-2024:2437-1

SUSE-SU-2024:2446-1

SUSE-SU-2024:2447-1

SUSE-SU-2024:2448-1

SUSE-SU-2024:2449-1

SUSE-SU-2024:2472-1

SUSE-SU-2024:2473-1

SUSE-SU-2024:2474-1

SUSE-SU-2024:2480-1

SUSE-SU-2024:2487-1

SUSE-SU-2024:2488-1

SUSE-SU-2024:2495-1

SUSE-SU-2024:2530-1

SUSE-SU-2024:2549-1

SUSE-SU-2024:2558-1

SUSE-SU-2024:2559-1

SUSE-SU-2024:2561-1

SUSE-SU-2024:2722-1

SUSE-SU-2024:2723-1

SUSE-SU-2024:2725-1

SUSE-SU-2024:2726-1

SUSE-SU-2024:2740-1

SUSE-SU-2024:2751-1

SUSE-SU-2024:2755-1

SUSE-SU-2024:2758-1

SUSE-SU-2024:2759-1

SUSE-SU-2024:2773-1

SUSE-SU-2024:2792-1

SUSE-SU-2024:2797-1

SUSE-SU-2024:2821-1

SUSE-SU-2024:2822-1

SUSE-SU-2024:2823-1

SUSE-SU-2024:2824-1

SUSE-SU-2024:2825-1

SUSE-SU-2024:2840-1

SUSE-SU-2024:2841-1

SUSE-SU-2024:2843-1

SUSE-SU-2024:2850-1

SUSE-SU-2024:2851-1

SUSE-SU-2024:2852-1

SUSE-SU-2024:2853-1

SUSE-SU-2024:2874-1

SUSE-SU-2024:2895-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2973-1

SUSE-SU-2024:3015-1

SUSE-SU-2024:3034-1

SUSE-SU-2024:3037-1

SUSE-SU-2024:3039-1

SUSE-SU-2024:3043-1

SUSE-SU-2024:3044-1

SUSE-SU-2024:3048-1

SUSE-SU-2024:3318-1

SUSE-SU-2024:3319-1

SUSE-SU-2024:3320-1

SUSE-SU-2024:3334-1

SUSE-SU-2024:3336-1

SUSE-SU-2024:3347-1

SUSE-SU-2024:3348-1

SUSE-SU-2024:3349-1

SUSE-SU-2024:3350-1

SUSE-SU-2024:3363-1

SUSE-SU-2024:3365-1

SUSE-SU-2024:3368-1

SUSE-SU-2024:3370-1

SUSE-SU-2024:3375-1

SUSE-SU-2024:3379-1

SUSE-SU-2024:3399-1

SUSE-SU-2024:3623-1

SUSE-SU-2024:3625-1

SUSE-SU-2024:3631-1

SUSE-SU-2024:3632-1

SUSE-SU-2024:3636-1

SUSE-SU-2024:3639-1

SUSE-SU-2024:3642-1

SUSE-SU-2024:3649-1

SUSE-SU-2024:3651-1

SUSE-SU-2024:3652-1

SUSE-SU-2024:3661-1

SUSE-SU-2024:3662-1

SUSE-SU-2024:3663-1

SUSE-SU-2024:3672-1

SUSE-SU-2024:3674-1

SUSE-SU-2024:3676-1

SUSE-SU-2024:3679-1

SUSE-SU-2024:3685-1

SUSE-SU-2024:3694-1

SUSE-SU-2024:3695-1

SUSE-SU-2024:3696-1

SUSE-SU-2024:3697-1

SUSE-SU-2024:3700-1

SUSE-SU-2024:3701-1

SUSE-SU-2024:3702-1

SUSE-SU-2024:3710-1

SUSE-SU-2024:3774-1

SUSE-SU-2024:3780-1

SUSE-SU-2024:3793-1

SUSE-SU-2024:3796-1

SUSE-SU-2024:3798-1

SUSE-SU-2024:3800-1

SUSE-SU-2024:3803-1

SUSE-SU-2024:3806-1

SUSE-SU-2024:3814-1

SUSE-SU-2024:3815-1

SUSE-SU-2024:3820-1

SUSE-SU-2024:3821-1

SUSE-SU-2024:3822-1

SUSE-SU-2024:3829-1

SUSE-SU-2024:3830-1

SUSE-SU-2024:3831-1

SUSE-SU-2024:3833-1

SUSE-SU-2024:3837-1

SUSE-SU-2024:3840-1

SUSE-SU-2024:3842-1

SUSE-SU-2024:3849-1

SUSE-SU-2024:3851-1

SUSE-SU-2024:3852-1

SUSE-SU-2024:3854-1

SUSE-SU-2024:3855-1

SUSE-SU-2024:3857-1

SUSE-SU-2024:3860-1

SUSE-SU-2024:4122-1

SUSE-SU-2024:4123-1

SUSE-SU-2024:4124-1

SUSE-SU-2024:4125-1

SUSE-SU-2024:4127-1

SUSE-SU-2024:4180-1

SUSE-SU-2024:4197-1

SUSE-SU-2024:4207-1

SUSE-SU-2024:4214-1

SUSE-SU-2024:4216-1

SUSE-SU-2024:4218-1

SUSE-SU-2024:4226-1

SUSE-SU-2024:4228-1

SUSE-SU-2024:4231-1

SUSE-SU-2024:4234-1

SUSE-SU-2024:4235-1

SUSE-SU-2024:4236-1

SUSE-SU-2024:4242-1

SUSE-SU-2024:4243-1

SUSE-SU-2024:4246-1

SUSE-SU-2024:4249-1

SUSE-SU-2024:4250-1

SUSE-SU-2024:4256-1

SUSE-SU-2024:4263-1

SUSE-SU-2024:4264-1

SUSE-SU-2024:4266-1

SUSE-SU-2024:4275-1

SUSE-SU-2025:0091-1

SUSE-SU-2025:0097-1

SUSE-SU-2025:0101-1

SUSE-SU-2025:0103-1

SUSE-SU-2025:0106-1

SUSE-SU-2025:0107-1

SUSE-SU-2025:0109-1

SUSE-SU-2025:0110-1

SUSE-SU-2025:0114-1

SUSE-SU-2025:0115-1

SUSE-SU-2025:0124-1

SUSE-SU-2025:0131-1

SUSE-SU-2025:0137-1

SUSE-SU-2025:0138-1

SUSE-SU-2025:0146-1

SUSE-SU-2025:0150-1

SUSE-SU-2025:0158-1

SUSE-SU-2025:0164-1

SUSE-SU-2025:0238-1

SUSE-SU-2025:0239-1

SUSE-SU-2025:0240-1

SUSE-SU-2025:0244-1

SUSE-SU-2025:0248-1

SUSE-SU-2025:0249-1

SUSE-SU-2025:0251-1

SUSE-SU-2025:0252-1

SUSE-SU-2025:0253-1

SUSE-SU-2025:0254-1

SUSE-SU-2025:0260-1

SUSE-SU-2025:0261-1

SUSE-SU-2025:0264-1

SUSE-SU-2025:0266-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

USN-6893-1

USN-6893-2

USN-6893-3

USN-6895-1

USN-6895-2

USN-6895-3

USN-6895-4

USN-6896-1

USN-6896-2

USN-6896-3

USN-6896-4

USN-6896-5

USN-6898-1

USN-6898-2

USN-6898-3

USN-6898-4

USN-6900-1

USN-6917-1

USN-6918-1

USN-6919-1

USN-6926-1

USN-6926-2

USN-6926-3

USN-6927-1

USN-6938-1

USN-7019-1

Affected Products

Almalinux

Astra Linux

Centos

Linuxmint

Linux Kernel

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2024-1002 · Linux+9 · Linux Kernel+9

CVE-2024-26923

Weakness Enumeration

Related Identifiers

Affected Products

References · 4585