CVE-2024-47668: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()
In the Linux kernel, the following vulnerability has been resolved:
lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()
If we need to increase the tree depth, allocate a new node, and then race with another thread that increased the tree depth before us, we'll still have a preallocated node that might be used later.
If we then use that node for a new non-root node, it'll still have a pointer to the old root instead of being zeroed - fix this by zeroing it in the cmpxchg failure path.
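The lost-cmpxchg interleaving described in the commit message, replayed deterministically in a user-space C model. This is an added example, not the kernel's code: `struct node`, `FANOUT`, `try_grow()` and `leftover_is_stale()` are hypothetical names, and the depth bits the real root pointer carries are left out.

```c
#include <stdatomic.h>
#include <stdlib.h>

#define FANOUT 4                        /* constructed value; kernel nodes are larger */
struct node { struct node *children[FANOUT]; };
static _Atomic(struct node *) root;     /* model root, depth tag bits omitted */

/* One pass of the "increase tree depth" step with a preallocated node.
 * `expected` is the root value this thread read earlier.
 * Returns 1 if our node became the root, 0 if another thread got there first. */
static int try_grow(struct node *expected, struct node *new_node, int zero_on_failure)
{
    new_node->children[0] = expected;   /* hang the old root under the new one */
    if (atomic_compare_exchange_strong_explicit(&root, &expected, new_node,
                                                memory_order_release, memory_order_relaxed))
        return 1;
    if (zero_on_failure)
        new_node->children[0] = NULL;   /* the fix: scrub the link before the node is reused */
    return 0;
}

/* Replays the losing interleaving in one thread and reports whether the
 * leftover preallocated node still points at the old root (1 = stale). */
static int leftover_is_stale(int zero_on_failure)
{
    struct node *old_root = calloc(1, sizeof(*old_root));
    struct node *winner   = calloc(1, sizeof(*winner));
    struct node *prealloc = calloc(1, sizeof(*prealloc));
    if (!old_root || !winner || !prealloc) abort();

    atomic_store(&root, old_root);
    struct node *seen = atomic_load(&root);   /* thread A reads the root */

    winner->children[0] = old_root;           /* thread B increases the depth first */
    atomic_store(&root, winner);

    int won   = try_grow(seen, prealloc, zero_on_failure);  /* thread A's cmpxchg fails */
    int stale = !won && prealloc->children[0] == old_root;

    free(prealloc); free(winner); free(old_root);
    return stale;
}

int main(void)
{
    /* without the zeroing: 1 (stale pointer kept); with it: 0 */
    return !(leftover_is_stale(0) == 1 && leftover_is_stale(1) == 0);
}
```

In the unfixed path the preallocated node is kept for later use as a non-root node, where callers assume every child slot starts out NULL.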
Frequently Asked Questions
What is the severity of CVE-2024-47668?
CVE-2024-47668 has been classified with a high severity due to the potential race condition that could lead to memory corruption in the Linux kernel.
How do I fix CVE-2024-47668?
To address CVE-2024-47668, users should upgrade to the recommended Linux kernel versions 6.1.123-1, 6.1.119-1, 6.12.10-1, or 6.12.11-1.
What systems are affected by CVE-2024-47668?
CVE-2024-47668 affects various versions of the Linux kernel up to 5.10.226 and several specific package versions in Debian distributions.
Is there a workaround for CVE-2024-47668?
There are no known effective workarounds for CVE-2024-47668 apart from applying the appropriate kernel updates to mitigate the risk.
What impact could CVE-2024-47668 have on my system?
CVE-2024-47668 could lead to potential system instability or exploitation through memory corruption if the vulnerable kernel is in use.