PT-2024-9809 · Linux +5 · Linux Kernel +5
Ronald Wahl · Published 2024-05-03 · Updated 2024-11-29
CVE-2024-36962
6.2 Medium
Base vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
The issue is in the ks8851 component of the Linux kernel and stems from incorrect resource locking, which can lead to a denial of service. The `net_rx_action()` function can trigger the `.start_xmit` callback, which is protected by the same lock as the IRQ handler, so the callback may attempt to claim an already claimed lock and cause a hang. The fix removes the bottom-half (BH) manipulation and queues received packets in the IRQ handler, then pushes them into `netif_rx()` outside the lock-protected critical section.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Weakness Enumeration:
Improper Locking