CVE-2024-43892— Linux kernel 安全漏洞
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2024-43892 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗ 尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
memcg: protect concurrent access to mem_cgroup_idr
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to mem_cgroup_idr Commit 73f576c04b94 ("mm: memcontrol: fix cgroup creation failure after many small jobs") decoupled the memcg IDs from the CSS ID space to fix the cgroup creation failures. It introduced IDR to maintain the memcg ID space. The IDR depends on external synchronization mechanisms for modifications. For the mem_cgroup_idr, the idr_alloc() and idr_replace() happen within css callback and thus are protected through cgroup_mutex from concurrent modifications. However idr_remove() for mem_cgroup_idr was not protected against concurrency and can be run concurrently for different memcgs when they hit their refcnt to zero. Fix that. We have been seeing list_lru based kernel crashes at a low frequency in our fleet for a long time. These crashes were in different part of list_lru code including list_lru_add(), list_lru_del() and reparenting code. Upon further inspection, it looked like for a given object (dentry and inode), the super_block's list_lru didn't have list_lru_one for the memcg of that object. The initial suspicions were either the object is not allocated through kmem_cache_alloc_lru() or somehow memcg_list_lru_alloc() failed to allocate list_lru_one() for a memcg but returned success. No evidence were found for these cases. Looking more deeply, we started seeing situations where valid memcg's id is not present in mem_cgroup_idr and in some cases multiple valid memcgs have same id and mem_cgroup_idr is pointing to one of them. So, the most reasonable explanation is that these situations can happen due to race between multiple idr_remove() calls or race between idr_alloc()/idr_replace() and idr_remove(). These races are causing multiple memcgs to acquire the same ID and then offlining of one of them would cleanup list_lrus on the system for all of them. Later access from other memcgs to the list_lru cause crashes due to missing list_lru_one.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Linux kernel 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于在访问mem_cgroup_idr时未保护并发访问,导致潜在的竞争条件。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
二、漏洞 CVE-2024-43892 的公开POC
| # | POC 描述 | 源链接 | 神龙链接 |
|---|
AI 生成 POC高级
未找到公开 POC。
登录以生成 AI POC三、漏洞 CVE-2024-43892 的情报信息
请登录查看更多情报信息。
同批安全公告 · Linux · 2024-08-26 · 共 39 条
| CVE-2024-44934 | Linux kernel 安全漏洞 | |
| CVE-2024-43909 | Linux kernel 安全漏洞 | |
| CVE-2024-43910 | Linux kernel 安全漏洞 | |
| CVE-2024-43911 | Linux kernel 安全漏洞 | |
| CVE-2024-43912 | Linux kernel 安全漏洞 | |
| CVE-2024-43913 | Linux kernel 安全漏洞 | |
| CVE-2024-43914 | Linux kernel 安全漏洞 | |
| CVE-2024-44931 | Linux kernel 安全漏洞 | |
| CVE-2024-44932 | Linux kernel 安全漏洞 | |
| CVE-2024-44933 | Linux kernel 安全漏洞 | |
| CVE-2024-43908 | Linux kernel 安全漏洞 | |
| CVE-2024-44935 | Linux kernel 安全漏洞 | |
| CVE-2024-44936 | Linux kernel 安全漏洞 | |
| CVE-2024-44937 | Linux kernel 安全漏洞 | |
| CVE-2024-44938 | Linux kernel 安全漏洞 | |
| CVE-2024-44939 | Linux kernel 安全漏洞 | |
| CVE-2024-44940 | Linux kernel 安全漏洞 | |
| CVE-2024-44941 | Linux kernel 安全漏洞 | |
| CVE-2024-44942 | Linux kernel 安全漏洞 | |
| CVE-2024-43897 | Linux kernel 安全漏洞 |
显示前 20 条,共 39 条。 查看全部 → →
IV. Related Vulnerabilities
V. Comments for CVE-2024-43892
暂无评论