CVE-2024-39293

CVSS v3.1

4.7

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a potential kernel crash when multiple napi instances redirect to the same AF XDP socket. This can happen when the linked list of sockets to flush gets corrupted by concurrent accesses, leading to a corrupted ring state that can cause a crash when flushing the rings in xsk flush(). The problem is introduced by removing the queue index check, allowing multiple napi instances to access the Rx ring at the same time.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-99

Related Identifiers

BDU:2025-08060

CVE-2024-39293

Affected Products

Astra Linux

Debian

Linux Kernel

CVE-2024-39293

Weakness Enumeration

Related Identifiers

Affected Products

References · 20