CVE-2023-52522
EPSS
0.04 % (11th)
Advisories
1
In the Linux kernel, the following vulnerability has been resolved:
net: fix possible store tearing in neigh_periodic_work()
While looking at a related syzbot report involving neigh_periodic_work(),
I found that I forgot to add an annotation when deleting an
RCU protected item from a list.
Readers use rcu_deference(*np), we need to use either
rcu_assign_pointer() or WRITE_ONCE() on writer side
to prevent store tearing.
I use rcu_assign_pointer() to have lockdep support,
this was the choice made in neigh_flush_dev().
- CVE Status
- PUBLISHED
- CNA
- kernel.org
- Published Date
-
2024-03-02 22:15:48
(6 months ago) - Updated Date
-
2024-03-04 13:58:23
(6 months ago)
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...