Improper locking in Linux kernel m68k kernel



| Updated: 2025-05-13
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2024-38613
CWE-ID CWE-667
Exploitation vector Local
Public exploit N/A
Vulnerable software
Linux kernel
Operating systems & Components / Operating system

Vendor Linux Foundation

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Improper locking

EUVDB-ID: #VU92359

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38613

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the arch/m68k/kernel/entry.S. A local user can perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 4.19 - 6.8.11

CPE2.3 External links

https://git.kernel.org/stable/c/2a8d1d95302c7d52c6ac8fa5cb4a6948ae0d3a14
https://git.kernel.org/stable/c/5213cc01d0464c011fdc09f318705603ed3a746b
https://git.kernel.org/stable/c/4eeffecc8e3cce25bb559502c2fd94a948bcde82
https://git.kernel.org/stable/c/77b2b67a0f8bce260c53907e5749d61466d90c87
https://git.kernel.org/stable/c/0d9ae1253535f6e85a016e09c25ecbe6f7f59ef0
https://git.kernel.org/stable/c/f3baf0f4f92af32943ebf27b960e0552c6c082fd
https://git.kernel.org/stable/c/f1d4274a84c069be0f6098ab10c3443fc1f7134c
https://git.kernel.org/stable/c/95f00caf767b5968c2c51083957b38be4748a78a
https://git.kernel.org/stable/c/da89ce46f02470ef08f0f580755d14d547da59ed
https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.316
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.219
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.161
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.278
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.93
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.33
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.12


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###