Description

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing locking causing hanging calls If a call gets aborted (e.g. because kafs saw a signal) between it being queued for connection and the I/O thread picking up the call, the abort will be prioritised over the connection and it will be removed from local->new_client_calls by rxrpc_disconnect_client_call() without a lock being held. This may cause other calls on the list to disappear if a race occurs. Fix this by taking the client_call_lock when removing a call from whatever list its ->wait_link happens to be on.

INFO

Published Date :

2024-11-19T01:30:40.699Z

Last Modified :

2025-10-01T20:17:20.629Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-50294 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-50294.

URL Resource
https://git.kernel.org/stable/c/996a7208dadbf2cdda8d51444d5ee1fdd1ccbc92 cve-icon cve-icon
https://git.kernel.org/stable/c/b1fdb0bb3b6513f5bd26f92369fd6ac1a2422d8b cve-icon cve-icon
https://git.kernel.org/stable/c/fc9de52de38f656399d2ce40f7349a6b5f86e787 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024111958-CVE-2024-50294-0ac7@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-50294 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-50294 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact