#VU94996 Improper locking in Linux kernel - CVE-2024-41020

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the fcntl_setlk64() function in fs/locks.c. A local user can perform a denial of service (DoS) attack.

Remediation

External links

• https://git.kernel.org/stable/c/a561145f3ae973ebf3e0aee41624e92a6c5cb38d
• https://git.kernel.org/stable/c/4c43ad4ab41602201d34c66ac62130fe339d686f
• https://git.kernel.org/stable/c/911cc83e56a2de5a40758766c6a70d6998248860
• https://git.kernel.org/stable/c/53e21cfa68a7d12de378b7116c75571f73e0dfa2
• https://git.kernel.org/stable/c/f4d0775c6e2f1340ca0725f0337de149aaa989ca
• https://git.kernel.org/stable/c/73ae349534ebc377328e7d21891e589626c6e82c
• https://git.kernel.org/stable/c/5b0af8e4c70e4b884bb94ff5f0cd49ecf1273c02
• https://git.kernel.org/stable/c/ed898f9ca3fa32c56c858b463ceb9d9936cc69c4
• https://git.kernel.org/stable/c/f8138f2ad2f745b9a1c696a05b749eabe44337ea
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.319
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.223
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.164
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.281
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.102
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10.2
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.11
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.43