Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()If an exiting non-autoreaping task has already passed exit_notify() andcalls handle_posix_cpu_timers() from IRQ, it can be reaped by its parentor debugger right after unlock_task_sighand().If a concurrent posix_cpu_timer_del() runs at that moment, it won't beable to detect timer->it.cpu.firing != 0: cpu_timer_task_rcu() and/orlock_task_sighand() will fail.Add the tsk->exit_state check into run_posix_cpu_timers() to fix this.This fix is not needed if CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y, becauseexit_task_work() is called before exit_notify(). But the check stillmakes sense, task_work_add(&tsk->posix_cputimers_work.work) will failanyway in this case.
No PoCs from references.
- https://github.com/ARGOeu-Metrics/secmon-probes
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/CryptoGenNepal/CVE-KEV-RSS
- https://github.com/DevGreick/devgreick
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/thexnumb/thexwriteup
- https://github.com/w4zu/Debian_security