PT-2024-37011 · Linux+7 · Linux Kernel+7
Qiu-Ji Chen · Published 2024-12-28 · Updated 2025-10-03
CVE-2024-56700
CVSS v3.1: 5.5 Medium
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue is related to an atomicity violation in the fmc_send_cmd() function. This occurs when the function is executed simultaneously with the modification of the fmdev->resp_skb value. If the fmdev->resp_skb variable is assigned a null value after passing the validity check, it may result in a null pointer dereference error. The error can occur at the line where evt_hdr = (void *)skb->data; is executed, because skb = fmdev->resp_skb; may be invalid. To address this issue, it is recommended to include the validity check of fmdev->resp_skb within the locked section of the function to maintain its validity.
Recommendations
To resolve the issue, include the validity check of fmdev->resp_skb within the locked section of the fmc_send_cmd() function. This modification ensures that the value of fmdev->resp_skb does not change during the validation process, thereby maintaining its validity. As a temporary workaround, consider adding locks to prevent concurrent execution of the fmc_send_cmd() function with the modification of the fmdev->resp_skb value.
Exploit
Fix
NULL Pointer Dereference
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu
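
The check-before-lock ordering from the Description and the reordering from the Recommendations, shown as an added userspace model that is not the kernel's code. Only the resp_skb field name comes from this page; the struct layout, function names, return codes and the integer flag standing in for the lock are assumptions, and the concurrent writer is replayed deterministically at the point just after the validity check.

```c
#include <stddef.h>
#include <stdio.h>
/* Userspace model. Only resp_skb is named on the page; the rest is assumed. */
struct skb { const char *data; };
struct fmdev { int locked; struct skb *resp_skb; };  /* locked models the lock */
typedef void (*writer_fn)(struct fmdev *);
enum { RESP_OK = 0, RESP_MISSING = -1, RESP_NULL_DEREF = -2 };
/* Concurrent writer: clears resp_skb unless the lock is held. */
static void writer_clear(struct fmdev *d) { if (!d->locked) d->resp_skb = NULL; }

/* Described defect: validity check before the locked section. */
static int take_resp_racy(struct fmdev *d, writer_fn writer, const char **out)
{
    struct skb *skb;
    if (!d->resp_skb) return RESP_MISSING;   /* check, lock not held */
    if (writer) writer(d);                   /* writer runs in the window */
    d->locked = 1;
    skb = d->resp_skb;
    d->resp_skb = NULL;
    d->locked = 0;
    if (!skb) return RESP_NULL_DEREF;        /* model reports; kernel would fault on skb->data */
    *out = skb->data;
    return RESP_OK;
}

/* Recommended form: validity check inside the locked section. */
static int take_resp_locked(struct fmdev *d, writer_fn writer, const char **out)
{
    struct skb *skb;
    d->locked = 1;
    if (!d->resp_skb) { d->locked = 0; return RESP_MISSING; }
    if (writer) writer(d);                   /* same point, writer is excluded */
    skb = d->resp_skb;
    d->resp_skb = NULL;
    d->locked = 0;
    *out = skb->data;
    return RESP_OK;
}

int main(void)
{
    struct skb s = { "evt" };                /* constructed sample response */
    struct fmdev d = { 0, &s };
    const char *out = NULL;
    printf("racy:   %d\n", take_resp_racy(&d, writer_clear, &out));
    d.resp_skb = &s;
    printf("locked: %d\n", take_resp_locked(&d, writer_clear, &out));
    return 0;
}
```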