PT-2024-34129 · Linux+8 · Linux Kernel+8

Published

2024-10-23

·

Updated

2026-05-19

·

CVE-2024-50304

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0-rc3-custom-gd95d9a31aceb
Description: The issue is related to a suspicious RCU usage warning in the ip tunnel find() function. The per-netns IP tunnel hash table is protected by the RTNL mutex, and ip tunnel find() is only called from the control path where the mutex is taken. A lockdep expression has been added to hlist for each entry rcu() in ip tunnel find() to validate that the mutex is held and to silence the suspicious RCU usage warning.
Recommendations: To resolve the issue, update to a version of the Linux kernel that includes the fix for the suspicious RCU usage warning in ip tunnel find(). At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

Weakness Enumeration

CWE-667

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2024-17211
ALT-PU-2025-12647
AZL-53441
AZL-53699
BDU:2025-03310
CVE-2024-50304
DLA-4075-1
DLA-4076-1
DSA-5860-1
INFSA-2025_6966
OESA-2025-1093
OESA-2025-1097
OPENSUSE-SU-2025_0428-1
OPENSUSE-SU-2025_0499-1
OPENSUSE-SU-2025_0557-1
RHSA-2025:6966
RHSA-2025_6966
SUSE-SU-2025:0428-1
SUSE-SU-2025:0499-1
SUSE-SU-2025:0557-1
SUSE-SU-2025:0564-1
SUSE-SU-2025:0834-1
SUSE-SU-2025:20190-1
SUSE-SU-2025:20192-1
SUSE-SU-2025:20260-1
SUSE-SU-2025:20270-1
SUSE-SU-2025_0428-1
SUSE-SU-2025_0499-1
SUSE-SU-2025_0557-1
SUSE-SU-2025_0834-1
USN-7276-1
USN-7277-1
USN-7310-1
USN-7387-1
USN-7387-2
USN-7387-3
USN-7388-1
USN-7389-1
USN-7390-1
USN-7407-1
USN-7421-1
USN-7449-1
USN-7449-2
USN-7450-1
USN-7451-1
USN-7452-1
USN-7453-1
USN-7458-1
USN-7459-1
USN-7459-2
USN-7468-1
USN-7523-1
USN-7524-1
USN-8273-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu