{ "id": "CVE-2021-47248", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-21T15:15:13.780", "lastModified": "2024-11-21T06:35:43.190", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: fix race between close() and udp_abort()\n\nKaustubh reported and diagnosed a panic in udp_lib_lookup().\nThe root cause is udp_abort() racing with close(). Both\nracing functions acquire the socket lock, but udp{v6}_destroy_sock()\nrelease it before performing destructive actions.\n\nWe can't easily extend the socket lock scope to avoid the race,\ninstead use the SOCK_DEAD flag to prevent udp_abort from doing\nany action when the critical race happens.\n\nDiagnosed-and-tested-by: Kaustubh Pandey " }, { "lang": "es", "value": " En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: udp: corrige la ejecuci\u00f3n entre close() y udp_abort(). Kaustubh inform\u00f3 y diagnostic\u00f3 un p\u00e1nico en udp_lib_lookup(). La causa principal es que udp_abort() compite con close(). Ambas funciones de ejecuci\u00f3n adquieren el bloqueo del socket, pero udp{v6}_destroy_sock() lo libera antes de realizar acciones destructivas. No podemos extender f\u00e1cilmente el alcance del bloqueo del socket para evitar la ejecuci\u00f3n; en su lugar, usamos el indicador SOCK_DEAD para evitar que udp_abort realice alguna acci\u00f3n cuando ocurre la ejecuci\u00f3n cr\u00edtica. Diagnosticado y probado por: Kaustubh Pandey " } ], "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, { "url": "https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, { "url": "https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, { "url": "https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, { "url": "https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, { "url": "https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, { "url": "https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, { "url": "https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f", "source": "af854a3a-2127-422b-91ae-364da2661108" }
] }