Description

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: remove one synchronize_net() barrier in ipv6_mc_down() As discussed in the past (commit 2d3916f31891 ("ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report()")) I think the synchronize_net() call in ipv6_mc_down() is not needed. Under load, synchronize_net() can last between 200 usec and 5 ms. KASAN seems to agree as well.

INFO

Published Date :

2024-05-01T13:05:12.775Z

Last Modified :

2025-05-04T09:03:57.158Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-27390 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-27390.

URL Resource
https://git.kernel.org/stable/c/17ef8efc00b34918b966388b2af0993811895a8c cve-icon cve-icon
https://git.kernel.org/stable/c/26d4bac55750d535f1f0b8790dc26daf6089e373 cve-icon cve-icon
https://git.kernel.org/stable/c/5da9a218340a2bc804dc4327e5804392e24a0b88 cve-icon cve-icon
https://git.kernel.org/stable/c/7eb06ee5921189812e6b4bfe7b0f1e878be16df7 cve-icon cve-icon
https://git.kernel.org/stable/c/9d159d6637ccce25f879d662a480541ef4ba3a50 cve-icon cve-icon
https://git.kernel.org/stable/c/a03ede2282ebbd181bd6f5c38cbfcb5765afcd04 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024050135-CVE-2024-27390-e55f@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-27390 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-27390 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact