Vulnerability DatabaseCVE-2024-26923

CVE-2024-26923:
Linux Kernel vulnerability analysis and mitigation

Overview

CVE-2024-26923 is a vulnerability discovered in the Linux kernel's AF_UNIX socket implementation, specifically in the garbage collector mechanism. The vulnerability was disclosed on April 25, 2024, affecting the Linux kernel's inter-process communication system (NVD).

Technical details

The vulnerability occurs when the garbage collector fails to account for the possibility of an embryo being enqueued during garbage collection. If such an embryo has a peer that carries SCMRIGHTS, two consecutive passes of scanchildren() may observe different sets of children. This leads to an incorrectly elevated inflight count and subsequently results in a dangling pointer within the gcinflightlist (Kernel Commit).

Impact

The vulnerability can result in memory corruption due to dangling pointers in the kernel's AF_UNIX socket implementation, potentially leading to system instability or crashes (NVD).

Mitigation and workarounds

The issue has been fixed in the Linux kernel through a patch that ensures proper synchronization between garbage collection and connect() operations. The fix involves adding state locking for listening sockets during garbage collection to prevent race conditions (Kernel Commit).

Additional resources

Source: This report was generated using AI

View vulnerable instances

Not a Wiz customer?

Request vulnerability assessment

Published April 25, 2024

CNA Score N/A

Affected Technologies

Linux Kernel
Bottlerocket

Has Public Exploit No

Has CISA KEV Exploit No

CISA KEV Release Date N/A

CISA KEV Due Date N/A

Exploitation Probability Percentile (EPSS) 24.1

Exploitation Probability (EPSS) 0.1

Affected packages and libraries

kernel-64kb
linux-gcp-4.15

Sources

NVD
AlmaLinux Security Advisory
- AlmaLinux 8 Severity HIGHHas FixAdded at: Sep 26, 2024
- AlmaLinux 9 Severity MEDIUMHas FixAdded at: Nov 04, 2024
Bottlerocket GitHub Security Advisories
- Bottlerocket Severity MEDIUMHas FixAdded at: Jun 09, 2024
Debian Security Tracker
- Debian 10, 11, 12, 13 Has FixAdded at: Apr 30, 2024
Photon Security Advisory
- Photon 4.0 Severity HIGHHas FixAdded at: Jan 19, 2025
Red Hat Errata
- Red Hat 6, 7 Severity MEDIUMNo FixAdded at: Apr 30, 2024
- Red Hat 8 Severity MEDIUMHas FixAdded at: Apr 30, 2024
- Red Hat 9 Severity MEDIUMHas FixAdded at: Apr 30, 2024
Rocky Linux Product Errata
- Rocky 8 Severity MEDIUMHas FixAdded at: May 11, 2025
- Rocky 9 Severity MEDIUMHas FixAdded at: Jan 13, 2025
Ubuntu Security Tracker
- Ubuntu 14.04, 16.04, 18.04 Severity HIGHHas FixAdded at: Jul 02, 2024
- Ubuntu 20.04, 22.04, 23.10, 24.04 Severity HIGHHas FixAdded at: May 16, 2024