Updated: 2024-09-24 04:20:40.813967
Description:
In the Linux kernel, the following vulnerability has been resolved: netpoll: Fix race condition in netpoll_owner_active KCSAN detected a race condition in netpoll: BUG: KCSAN: data-race in net_rx_action / netpoll_send_skb write (marked) to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10: net_rx_action (./include/linux/netpoll.h:90 net/core/dev.c:6712 net/core/dev.c:6822) <snip> read to 0xffff8881164168b0 of 4 bytes by task 1 on cpu 2: netpoll_send_skb (net/core/netpoll.c:319 net/core/netpoll.c:345 net/core/netpoll.c:393) netpoll_send_udp (net/core/netpoll.c:?) <snip> value changed: 0x0000000a -> 0xffffffff This happens because netpoll_owner_active() needs to check if the current CPU is the owner of the lock, touching napi->poll_owner non atomically. The ->poll_owner field contains the current CPU holding the lock. Use an atomic read to check if the poll owner is the current CPU.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | NONE | 0 |
| CVSS Version 3.x | MEDIUM | 4.7 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 4.7 | MEDIUM | Ignored | 2024-09-25 12:26:20 | ||
| CentOS 6 ELS | kernel | 2.6.32 | 4.7 | MEDIUM | Ignored | 2024-09-25 12:26:20 | ||
| CentOS 7 ELS | kernel | 3.10.0 | 4.7 | MEDIUM | Ignored | 2024-09-25 12:26:19 | ||
| CentOS 8.4 ELS | kernel | 4.18.0 | 4.7 | MEDIUM | Ignored | 2024-10-09 03:43:14 | ||
| CentOS 8.5 ELS | kernel | 4.18.0 | 4.7 | MEDIUM | Ignored | 2024-10-09 03:43:14 | ||
| CentOS Stream 8 ELS | kernel | 4.18.0 | 4.7 | MEDIUM | Released | CLSA-2024:1727815919 | 2024-10-01 17:26:46 | |
| CloudLinux 6 ELS | kernel | 2.6.32 | 4.7 | MEDIUM | Ignored | 2024-09-25 12:26:20 | ||
| CloudLinux 7 ELS | kernel | 3.10.0 | 4.7 | MEDIUM | Ignored | 2024-09-25 12:26:19 | ||
| Oracle Linux 6 ELS | kernel | 2.6.32 | 4.7 | MEDIUM | Ignored | 2024-09-25 12:26:19 |