Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
Low
Attack Vector
Local
0

CVE-2024-53136

Disclosure Date: December 04, 2024
CVE-2024-53136 CVSS v3 Base Score: 4.7
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

In the Linux kernel, the following vulnerability has been resolved:

mm: revert “mm: shmem: fix data-race in shmem_getattr()”

Revert d949d1d14fa2 (“mm: shmem: fix data-race in shmem_getattr()”) as
suggested by Chuck [1]. It is causing deadlocks when accessing tmpfs over
NFS.

As Hugh commented, “added just to silence a syzbot sanitizer splat: added
where there has never been any practical problem”.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
4.7 Medium
Impact Score:
3.6
Exploitability Score:
1
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector (AV):
Local
Attack Complexity (AC):
High
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
None
Integrity (I):
None
Availability (A):
High

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
Linux 36b537e8f302
Linux a3c65022d89d
Linux 57cc8d253099
Linux d3f9d88c2c03
Linux 5874c1150e77
Linux 64e67e869425
Linux 901dc2ad7c37
Linux d1aa0c04294e
Linux 4.19.325
Linux 5.4.287
Linux 5.10.231
Linux 5.15.174
Linux 6.1.119
Linux 6.6.63
Linux 6.11.10
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • linux

Products

  • linux kernel
Technical Analysis