CVE-2024-41081

ila: block BH in ila_output()

Description

In the Linux kernel, the following vulnerability has been resolved: ila: block BH in ila_output() As explained in commit 1378817486d6 ("tipc: block BH before using dst_cache"), net/core/dst_cache.c helpers need to be called with BH disabled. ila_output() is called from lwtunnel_output() possibly from process context, and under rcu_read_lock(). We might be interrupted by a softirq, re-enter ila_output() and corrupt dst_cache data structures. Fix the race by using local_bh_disable().

INFO

Published Date :

2024-07-29T15:04:18.459Z

Last Modified :

2025-11-03T22:00:39.886Z

Source :

Linux

AFFECTED PRODUCTS

The following products are affected by CVE-2024-41081 vulnerability.

Vendors	Products
Linux	Linux Kernel

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-41081.

URL	Resource
https://git.kernel.org/stable/c/522c3336c2025818fa05e9daf0ac35711e55e316
https://git.kernel.org/stable/c/7435bd2f84a25aba607030237261b3795ba782da
https://git.kernel.org/stable/c/96103371091c6476eb07f4c66624bdd1b42f758a
https://git.kernel.org/stable/c/9f9c79d8e527d867e0875868b14fb76e6011e70c
https://git.kernel.org/stable/c/a0cafb7b0b94d18e4813ee4b712a056f280e7b5a
https://git.kernel.org/stable/c/b4eb25a3d70df925a9fa4e82d17a958a0a228f5f
https://git.kernel.org/stable/c/cf28ff8e4c02e1ffa850755288ac954b6ff0db8c
https://git.kernel.org/stable/c/feac2391e26b086f73be30e9b1ab215eada8d830
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
https://lore.kernel.org/linux-cve-announce/2024072926-CVE-2024-41081-2552@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-41081
https://www.cve.org/CVERecord?id=CVE-2024-41081

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact