Wind River Support Network

HomeDefectsLIN1021-12893
Acknowledged

LIN1021-12893 : Security Advisory - linux - CVE-2024-56688

Created: Dec 29, 2024    Updated: Jan 20, 2025
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport

Since transport->sock has been set to NULL during reset transport,
XPRT_SOCK_UPD_TIMEOUT also needs to be cleared. Otherwise, the
xs_tcp_set_socket_timeouts() may be triggered in xs_tcp_send_request()
to dereference the transport->sock that has been set to NULL.

CREATE(Triage):(User=admin) CVE-2024-56688 (https://nvd.nist.gov/vuln/detail/CVE-2024-56688)

CVEs


Live chat
Online