CVE-2024-26960 — Race Condition in Linux
Severity
5.5MEDIUMNVD
OSV7.8
EPSS
0.0%
top 99.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 1
Latest updateDec 19
Description
In the Linux kernel, the following vulnerability has been resolved:
mm: swap: fix race between free_swap_and_cache() and swapoff()
There was previously a theoretical window where swapoff() could run and
teardown a swap_info_struct while a call to free_swap_and_cache() was
running in another thread. This could cause, amongst other bad
possibilities, swap_page_trans_huge_swapped() (called by
free_swap_and_cache()) to access the freed memory for swap_map.
This is a theoretical problem and I have…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages5 packages
▶CVEListV5linux/linux7c00bafee87c7bac7ed9eced7c161f8e5332cb4e — d85c11c97ecf92d47a4b29e3faca714dc1f18d0d+7
Also affects: Debian Linux 10.0
Patches
🔴Vulnerability Details
20OSV▶
linux, linux-aws, linux-aws-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.↗2024-10-16
OSV▶
linux, linux-aws, linux-aws-hwe, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities↗2024-10-15
📋Vendor Advisories
22💬Community
1Bugzilla
▶