CVE-2024-27395

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovs_ct_exit Since kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal of ovs_ct_limit_exit, is not part of the RCU read critical section, it is possible that the RCU grace period will pass during the traversal and the key will be free. To prevent this, it should be changed to hlist_for_each_entry_safe.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/2db9a8c0a01fa1c762c1e61a13c212c492752994	Patch
https://git.kernel.org/stable/c/35880c3fa6f8fe281a19975d2992644588ca33d3	Patch
https://git.kernel.org/stable/c/589523cf0b384164e445dd5db8d5b1bf97982424	Patch
https://git.kernel.org/stable/c/5ea7b72d4fac2fdbc0425cd8f2ea33abe95235b2	Patch
https://git.kernel.org/stable/c/9048616553c65e750d43846f225843ed745ec0d4	Patch
https://git.kernel.org/stable/c/bca6fa2d9a9f560e6b89fd5190b05cc2f5d422c1	Patch
https://git.kernel.org/stable/c/eaa5e164a2110d2fb9e16c8a29e4501882235137	Patch
https://git.kernel.org/stable/c/edee0758747d7c219e29db9ed1d4eb33e8d32865	Patch
https://git.kernel.org/stable/c/2db9a8c0a01fa1c762c1e61a13c212c492752994	Patch
https://git.kernel.org/stable/c/35880c3fa6f8fe281a19975d2992644588ca33d3	Patch
https://git.kernel.org/stable/c/589523cf0b384164e445dd5db8d5b1bf97982424	Patch
https://git.kernel.org/stable/c/5ea7b72d4fac2fdbc0425cd8f2ea33abe95235b2	Patch
https://git.kernel.org/stable/c/9048616553c65e750d43846f225843ed745ec0d4	Patch
https://git.kernel.org/stable/c/bca6fa2d9a9f560e6b89fd5190b05cc2f5d422c1	Patch
https://git.kernel.org/stable/c/eaa5e164a2110d2fb9e16c8a29e4501882235137	Patch
https://git.kernel.org/stable/c/edee0758747d7c219e29db9ed1d4eb33e8d32865	Patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html	Mailing List
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html	Mailing List
https://cert-portal.siemens.com/productcert/html/ssa-265688.html
https://cert-portal.siemens.com/productcert/html/ssa-613116.html

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc5::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

12 May 2026, 12:16

Type	Values Removed	Values Added
References		() https://cert-portal.siemens.com/productcert/html/ssa-265688.html - () https://cert-portal.siemens.com/productcert/html/ssa-613116.html -

14 Jan 2025, 14:27

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel:6.9:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc4:::::: cpe:2.3:o:debian:debian_linux:10.0:::::::* cpe:2.3:o:linux:linux_kernel:6.9:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc1:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.9:rc5::::::
References	~~() https://git.kernel.org/stable/c/2db9a8c0a01fa1c762c1e61a13c212c492752994 -~~	() https://git.kernel.org/stable/c/2db9a8c0a01fa1c762c1e61a13c212c492752994 - Patch
References	~~() https://git.kernel.org/stable/c/35880c3fa6f8fe281a19975d2992644588ca33d3 -~~	() https://git.kernel.org/stable/c/35880c3fa6f8fe281a19975d2992644588ca33d3 - Patch
References	~~() https://git.kernel.org/stable/c/589523cf0b384164e445dd5db8d5b1bf97982424 -~~	() https://git.kernel.org/stable/c/589523cf0b384164e445dd5db8d5b1bf97982424 - Patch
References	~~() https://git.kernel.org/stable/c/5ea7b72d4fac2fdbc0425cd8f2ea33abe95235b2 -~~	() https://git.kernel.org/stable/c/5ea7b72d4fac2fdbc0425cd8f2ea33abe95235b2 - Patch
References	~~() https://git.kernel.org/stable/c/9048616553c65e750d43846f225843ed745ec0d4 -~~	() https://git.kernel.org/stable/c/9048616553c65e750d43846f225843ed745ec0d4 - Patch
References	~~() https://git.kernel.org/stable/c/bca6fa2d9a9f560e6b89fd5190b05cc2f5d422c1 -~~	() https://git.kernel.org/stable/c/bca6fa2d9a9f560e6b89fd5190b05cc2f5d422c1 - Patch
References	~~() https://git.kernel.org/stable/c/eaa5e164a2110d2fb9e16c8a29e4501882235137 -~~	() https://git.kernel.org/stable/c/eaa5e164a2110d2fb9e16c8a29e4501882235137 - Patch
References	~~() https://git.kernel.org/stable/c/edee0758747d7c219e29db9ed1d4eb33e8d32865 -~~	() https://git.kernel.org/stable/c/edee0758747d7c219e29db9ed1d4eb33e8d32865 - Patch
References	~~() https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html -~~	() https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html - Mailing List
References	~~() https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html -~~	() https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html - Mailing List
CWE		CWE-416
First Time		Linux linux Kernel Linux Debian debian Linux Debian
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8

21 Nov 2024, 09:04

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html - () https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html -
References	~~() https://git.kernel.org/stable/c/2db9a8c0a01fa1c762c1e61a13c212c492752994 -~~	() https://git.kernel.org/stable/c/2db9a8c0a01fa1c762c1e61a13c212c492752994 -
References	~~() https://git.kernel.org/stable/c/35880c3fa6f8fe281a19975d2992644588ca33d3 -~~	() https://git.kernel.org/stable/c/35880c3fa6f8fe281a19975d2992644588ca33d3 -
References	~~() https://git.kernel.org/stable/c/589523cf0b384164e445dd5db8d5b1bf97982424 -~~	() https://git.kernel.org/stable/c/589523cf0b384164e445dd5db8d5b1bf97982424 -
References	~~() https://git.kernel.org/stable/c/5ea7b72d4fac2fdbc0425cd8f2ea33abe95235b2 -~~	() https://git.kernel.org/stable/c/5ea7b72d4fac2fdbc0425cd8f2ea33abe95235b2 -
References	~~() https://git.kernel.org/stable/c/9048616553c65e750d43846f225843ed745ec0d4 -~~	() https://git.kernel.org/stable/c/9048616553c65e750d43846f225843ed745ec0d4 -
References	~~() https://git.kernel.org/stable/c/bca6fa2d9a9f560e6b89fd5190b05cc2f5d422c1 -~~	() https://git.kernel.org/stable/c/bca6fa2d9a9f560e6b89fd5190b05cc2f5d422c1 -
References	~~() https://git.kernel.org/stable/c/eaa5e164a2110d2fb9e16c8a29e4501882235137 -~~	() https://git.kernel.org/stable/c/eaa5e164a2110d2fb9e16c8a29e4501882235137 -
References	~~() https://git.kernel.org/stable/c/edee0758747d7c219e29db9ed1d4eb33e8d32865 -~~	() https://git.kernel.org/stable/c/edee0758747d7c219e29db9ed1d4eb33e8d32865 -

05 Nov 2024, 10:16

Type	Values Removed	Values Added
References	~~{'url': 'https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~ ~~{'url': 'https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~

27 Jun 2024, 12:15

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html -

25 Jun 2024, 23:15

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: openvswitch: Fix Use-After-Free en ovs_ct_exit Dado que kfree_rcu, que se llama en el recorrido hlist_for_each_entry_rcu de ovs_ct_limit_exit, no forma parte de la sección crítica de lectura de RCU, es posible que el período de gracia de RCU pasará durante el recorrido y la clave quedará libre. Para evitar esto, se debe cambiar a hlist_for_each_entry_safe.
References		() https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html -

14 May 2024, 15:12

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-14 15:12

Updated : 2026-06-17 07:19

NVD link : CVE-2024-27395

Mitre link : CVE-2024-27395

CVE.ORG link : CVE-2024-27395

JSON object : View

Products Affected

debian

debian_linux

linux

linux_kernel

CWE

CWE-416

Use After Free

7.8 /10