Связанные уязвимости
ubuntu
4 месяца назад
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVSS3: 4.7
redhat
4 месяца назад
[REJECTED CVE] In the Linux kernel, the following vulnerability has been resolved: exec: fix the racy usage of fs_struct->in_exec
github
4 месяца назад
In the Linux kernel, the following vulnerability has been resolved: exec: fix the racy usage of fs_struct->in_exec check_unsafe_exec() sets fs->in_exec under cred_guard_mutex, then execve() paths clear fs->in_exec lockless. This is fine if exec succeeds, but if it fails we have the following race: T1 sets fs->in_exec = 1, fails, drops cred_guard_mutex T2 sets fs->in_exec = 1 T1 clears fs->in_exec T2 continues with fs->in_exec == 0 Change fs/exec.c to clear fs->in_exec with cred_guard_mutex held.
