{
  "threat_severity" : "Moderate",
  "public_date" : "2024-07-12T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: netpoll: Fix race condition in netpoll_owner_active",
    "id" : "2297589",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2297589"
  },
  "cvss3" : {
    "cvss3_base_score" : "4.7",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-362",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nnetpoll: Fix race condition in netpoll_owner_active\nKCSAN detected a race condition in netpoll:\nBUG: KCSAN: data-race in net_rx_action / netpoll_send_skb\nwrite (marked) to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10:\nnet_rx_action (./include/linux/netpoll.h:90 net/core/dev.c:6712 net/core/dev.c:6822)\n<snip>\nread to 0xffff8881164168b0 of 4 bytes by task 1 on cpu 2:\nnetpoll_send_skb (net/core/netpoll.c:319 net/core/netpoll.c:345 net/core/netpoll.c:393)\nnetpoll_send_udp (net/core/netpoll.c:?)\n<snip>\nvalue changed: 0x0000000a -> 0xffffffff\nThis happens because netpoll_owner_active() needs to check if the\ncurrent CPU is the owner of the lock, touching napi->poll_owner\nnon atomically. The ->poll_owner field contains the current CPU holding\nthe lock.\nUse an atomic read to check if the poll owner is the current CPU.", "A flaw was found in the Linux kernel in which a privileged user on a multiprocessor system might be able to cause a denial of service due to a race condition in network-related functions." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-09-24T00:00:00Z",
    "advisory" : "RHSA-2024:7001",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8::nfv",
    "package" : "kernel-rt-0:4.18.0-553.22.1.rt7.363.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-09-24T00:00:00Z",
    "advisory" : "RHSA-2024:7000",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-553.22.1.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-10-30T00:00:00Z",
    "advisory" : "RHSA-2024:8617",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-427.42.1.el9_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-10-30T00:00:00Z",
    "advisory" : "RHSA-2024:8617",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-427.42.1.el9_4"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-41005\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-41005\nhttps://lore.kernel.org/linux-cve-announce/2024071244-CVE-2024-41005-b2a5@gregkh/T" ],
  "name" : "CVE-2024-41005",
  "csaw" : false
}