CVE - CVE-2024-54683

CVE-ID
CVE-2024-54683	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: netfilter: IDLETIMER: Fix for possible ABBA deadlock Deletion of the last rule referencing a given idletimer may happen at the same time as a read of its file in sysfs: \| ====================================================== \| WARNING: possible circular locking dependency detected \| 6.12.0-rc7-01692-g5e9a28f41134-dirty #594 Not tainted \| ------------------------------------------------------ \| iptables/3303 is trying to acquire lock: \| ffff8881057e04b8 (kn->active#48){++++}-{0:0}, at: __kernfs_remove+0x20 \| \| but task is already holding lock: \| ffffffffa0249068 (list_mutex){+.+.}-{3:3}, at: idletimer_tg_destroy_v] \| \| which lock already depends on the new lock. A simple reproducer is: \| #!/bin/bash \| \| while true; do \| iptables -A INPUT -i foo -j IDLETIMER --timeout 10 --label "testme" \| iptables -D INPUT -i foo -j IDLETIMER --timeout 10 --label "testme" \| done & \| while true; do \| cat /sys/class/xt_idletimer/timers/testme >/dev/null \| done Avoid this by freeing list_mutex right after deleting the element from the list, then continuing with the teardown.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/45fe76573a2557f632e248cc141342233f422b9a URL:https://git.kernel.org/stable/c/45fe76573a2557f632e248cc141342233f422b9a MISC:https://git.kernel.org/stable/c/8c2c8445cda8f59c38dec7dc10509bcb23ae26a0 URL:https://git.kernel.org/stable/c/8c2c8445cda8f59c38dec7dc10509bcb23ae26a0 MISC:https://git.kernel.org/stable/c/f36b01994d68ffc253c8296e2228dfe6e6431c03 URL:https://git.kernel.org/stable/c/f36b01994d68ffc253c8296e2228dfe6e6431c03
Assigning CNA
kernel.org
Date Record Created
20250109	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20250109)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)