Details of VAR-202405-1146

ID

VAR-202405-1146

CVE

CVE-2024-27020

TITLE

Linux of Linux Kernel Race condition vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2024-003215

DESCRIPTION

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() nft_unregister_expr() can concurrent with __nft_expr_type_get(), and there is not any protection when iterate over nf_tables_expressions list in __nft_expr_type_get(). Therefore, there is potential data-race of nf_tables_expressions list entry. Use list_for_each_entry_rcu() to iterate over nf_tables_expressions list in __nft_expr_type_get(), and use rcu_read_lock() in the caller nft_expr_type_get() to protect the entire type query process. Linux of Linux Kernel There is a race condition vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on the SINEC operating system with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) or human-machine interfaces (HMIs). Multiple vulnerabilities in third-party components of Siemens' SINEC OS could allow attackers to gain control of the server. ========================================================================== Ubuntu Security Notice USN-6926-1 July 29, 2024 linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform (GCP) systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-aws-hwe: Linux kernel for Amazon Web Services (AWS-HWE) systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-hwe: Linux hardware enablement (HWE) kernel Details: 黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-25739) Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service (guest crash) or possibly execute arbitrary code. (CVE-2024-25744) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - HID subsystem; - I2C subsystem; - MTD block device drivers; - Network drivers; - TTY drivers; - USB subsystem; - File systems infrastructure; - F2FS file system; - SMB network file system; - BPF subsystem; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Netfilter; - Unix domain sockets; - AppArmor security module; (CVE-2023-52435, CVE-2024-27013, CVE-2024-35984, CVE-2023-52620, CVE-2024-35997, CVE-2023-52436, CVE-2024-26884, CVE-2024-26901, CVE-2023-52469, CVE-2024-35978, CVE-2024-26886, CVE-2024-35982, CVE-2024-36902, CVE-2024-26857, CVE-2024-26923, CVE-2023-52443, CVE-2024-27020, CVE-2024-36016, CVE-2024-26840, CVE-2024-26934, CVE-2023-52449, CVE-2024-26882, CVE-2023-52444, CVE-2023-52752) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS linux-image-4.15.0-1133-oracle 4.15.0-1133.144 Available with Ubuntu Pro linux-image-4.15.0-1154-kvm 4.15.0-1154.159 Available with Ubuntu Pro linux-image-4.15.0-1164-gcp 4.15.0-1164.181 Available with Ubuntu Pro linux-image-4.15.0-1170-aws 4.15.0-1170.183 Available with Ubuntu Pro linux-image-4.15.0-227-generic 4.15.0-227.239 Available with Ubuntu Pro linux-image-4.15.0-227-lowlatency 4.15.0-227.239 Available with Ubuntu Pro linux-image-aws-lts-18.04 4.15.0.1170.168 Available with Ubuntu Pro linux-image-gcp-lts-18.04 4.15.0.1164.177 Available with Ubuntu Pro linux-image-generic 4.15.0.227.211 Available with Ubuntu Pro linux-image-kvm 4.15.0.1154.145 Available with Ubuntu Pro linux-image-lowlatency 4.15.0.227.211 Available with Ubuntu Pro linux-image-oracle-lts-18.04 4.15.0.1133.138 Available with Ubuntu Pro linux-image-virtual 4.15.0.227.211 Available with Ubuntu Pro Ubuntu 16.04 LTS linux-image-4.15.0-1133-oracle 4.15.0-1133.144~16.04.1 Available with Ubuntu Pro linux-image-4.15.0-1164-gcp 4.15.0-1164.181~16.04.1 Available with Ubuntu Pro linux-image-4.15.0-1170-aws 4.15.0-1170.183~16.04.1 Available with Ubuntu Pro linux-image-4.15.0-227-generic 4.15.0-227.239~16.04.1 Available with Ubuntu Pro linux-image-4.15.0-227-lowlatency 4.15.0-227.239~16.04.1 Available with Ubuntu Pro linux-image-aws-hwe 4.15.0.1170.183~16.04.1 Available with Ubuntu Pro linux-image-gcp 4.15.0.1164.181~16.04.1 Available with Ubuntu Pro linux-image-generic-hwe-16.04 4.15.0.227.239~16.04.1 Available with Ubuntu Pro linux-image-gke 4.15.0.1164.181~16.04.1 Available with Ubuntu Pro linux-image-lowlatency-hwe-16.04 4.15.0.227.239~16.04.1 Available with Ubuntu Pro linux-image-oem 4.15.0.227.239~16.04.1 Available with Ubuntu Pro linux-image-oracle 4.15.0.1133.144~16.04.1 Available with Ubuntu Pro linux-image-virtual-hwe-16.04 4.15.0.227.239~16.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-6926-1 CVE-2023-46343, CVE-2023-52435, CVE-2023-52436, CVE-2023-52443, CVE-2023-52444, CVE-2023-52449, CVE-2023-52469, CVE-2023-52620, CVE-2023-52752, CVE-2024-24857, CVE-2024-24858, CVE-2024-24859, CVE-2024-25739, CVE-2024-25744, CVE-2024-26840, CVE-2024-26857, CVE-2024-26882, CVE-2024-26884, CVE-2024-26886, CVE-2024-26901, CVE-2024-26923, CVE-2024-26934, CVE-2024-27013, CVE-2024-27020, CVE-2024-35978, CVE-2024-35982, CVE-2024-35984, CVE-2024-35997, CVE-2024-36016, CVE-2024-36902

Trust: 2.52

sources: NVD: CVE-2024-27020 // JVNDB: JVNDB-2024-003215 // CNVD: CNVD-2025-19346 // PACKETSTORM: 179887 // PACKETSTORM: 179878 // PACKETSTORM: 180058 // PACKETSTORM: 179780

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-19346

AFFECTED PRODUCTS

vendor:	linux	model:	kernel	scope:	eq	version:	6.9	Trust: 1.8
vendor:	linux	model:	kernel	scope:	gte	version:	5.11	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	4.20	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	5.5	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	4.19.313	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	6.2	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	6.6.29	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	5.16	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	6.1.88	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.10.216	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	6.8.8	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.4.275	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	6.7	Trust: 1.0
vendor:	linux	model:	kernel	scope:	lt	version:	5.15.157	Trust: 1.0
vendor:	linux	model:	kernel	scope:	gte	version:	3.13	Trust: 1.0
vendor:	linux	model:	kernel	scope:	eq	version:	6.2 that's all 6.6.29	Trust: 0.8
vendor:	linux	model:	kernel	scope:	eq	version:	-	Trust: 0.8
vendor:	linux	model:	kernel	scope:	eq	version:	5.5 that's all 5.10.216	Trust: 0.8
vendor:	linux	model:	kernel	scope:	eq	version:	3.13 that's all 4.19.313	Trust: 0.8
vendor:	linux	model:	kernel	scope:	eq	version:	5.11 that's all 5.15.157	Trust: 0.8
vendor:	linux	model:	kernel	scope:	eq	version:	4.20 that's all 5.4.275	Trust: 0.8
vendor:	linux	model:	kernel	scope:	eq	version:	5.16 that's all 6.1.88	Trust: 0.8
vendor:	linux	model:	kernel	scope:	eq	version:	6.7 that's all 6.8.8	Trust: 0.8
vendor:	siemens	model:	ruggedcom rst2428p	scope:	lt	version:	v3.1	Trust: 0.6
vendor:	siemens	model:	scalance xc-300/xr-300/xc-400/xr-500wg/xr-500 family	scope:	lt	version:	v3.1	Trust: 0.6
vendor:	siemens	model:	scalance xcm-/xrm-/xch-/xrh-300 family	scope:	lt	version:	v3.1	Trust: 0.6

sources: CNVD: CNVD-2025-19346 // JVNDB: JVNDB-2024-003215 // NVD: CVE-2024-27020

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2024-27020
value:	HIGH
Trust: 1.0
134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2024-27020
value:	HIGH
Trust: 1.0
NVD:	CVE-2024-27020
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2025-19346
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2025-19346
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2024-27020
baseSeverity:	HIGH
baseScore:	7.0
vectorString:	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.0
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	CVE-2024-27020
baseSeverity:	HIGH
baseScore:	7.0
vectorString:	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2025-19346 // JVNDB: JVNDB-2024-003215 // NVD: CVE-2024-27020 // NVD: CVE-2024-27020

PROBLEMTYPE DATA

problemtype:	CWE-362	Trust: 1.0
problemtype:	Race condition (CWE-362) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2024-003215 // NVD: CVE-2024-27020

THREAT TYPE

local

Trust: 0.4

sources: PACKETSTORM: 179887 // PACKETSTORM: 179878 // PACKETSTORM: 180058 // PACKETSTORM: 179780

PATCH

title:	Linux Kernel Archives	url:	https://git.kernel.org/stable/c/01f1a678b05ade4b1248019c2dcca773aebbeb7f	Trust: 0.8
title:	Patch for Multiple vulnerabilities in Siemens SINEC OS third-party components	url:	https://www.cnvd.org.cn/patchInfo/show/723071	Trust: 0.6

sources: CNVD: CNVD-2025-19346 // JVNDB: JVNDB-2024-003215

EXTERNAL IDS

db:	NVD	id:	CVE-2024-27020	Trust: 3.0
db:	SIEMENS	id:	SSA-613116	Trust: 1.6
db:	SIEMENS	id:	SSA-398330	Trust: 1.0
db:	SIEMENS	id:	SSA-265688	Trust: 1.0
db:	JVNDB	id:	JVNDB-2024-003215	Trust: 0.8
db:	CNVD	id:	CNVD-2025-19346	Trust: 0.6
db:	PACKETSTORM	id:	179887	Trust: 0.1
db:	PACKETSTORM	id:	179878	Trust: 0.1
db:	PACKETSTORM	id:	180058	Trust: 0.1
db:	PACKETSTORM	id:	179780	Trust: 0.1

sources: CNVD: CNVD-2025-19346 // PACKETSTORM: 179887 // PACKETSTORM: 179878 // PACKETSTORM: 180058 // PACKETSTORM: 179780 // JVNDB: JVNDB-2024-003215 // NVD: CVE-2024-27020

REFERENCES

url:	https://cert-portal.siemens.com/productcert/html/ssa-613116.html	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2024-27020	Trust: 1.2
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/damsozxjepuoxw33wzywcvay7z5s7ooy/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/gcbzzec7l7ktwwas2nljk6so3izil4ww/	Trust: 1.0
url:	https://git.kernel.org/stable/c/01f1a678b05ade4b1248019c2dcca773aebbeb7f	Trust: 1.0
url:	https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html	Trust: 1.0
url:	https://git.kernel.org/stable/c/a9ebf340d123ae12582210407f879d6a5a1bc25b	Trust: 1.0
url:	https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html	Trust: 1.0
url:	https://git.kernel.org/stable/c/939109c0a8e2a006a6cc8209e262d25065f4403a	Trust: 1.0
url:	https://git.kernel.org/stable/c/f969eb84ce482331a991079ab7a5c4dc3b7f89bf	Trust: 1.0
url:	https://git.kernel.org/stable/c/b38a133d37fa421c8447b383d788c9cc6f5cb34c	Trust: 1.0
url:	https://git.kernel.org/stable/c/934e66e231cff2b18faa2c8aad0b8cec13957e05	Trust: 1.0
url:	https://cert-portal.siemens.com/productcert/html/ssa-265688.html	Trust: 1.0
url:	https://git.kernel.org/stable/c/0b6de00206adbbfc6373b3ae38d2a6f197987907	Trust: 1.0
url:	https://git.kernel.org/stable/c/8d56bad42ac4c43c6c72ddd6a654a2628bf839c5	Trust: 1.0
url:	https://cert-portal.siemens.com/productcert/html/ssa-398330.html	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ez6pjw7voz224td7n4jznu6kv32zj53/	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2023-52444	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2023-52449	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2024-25739	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2023-46343	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2023-52436	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2024-26882	Trust: 0.3
url:	https://ubuntu.com/security/notices/usn-6926-1	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2023-52752	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2024-35978	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2024-25744	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2024-26923	Trust: 0.3
url:	https://ubuntu.com/security/notices/usn-6926-2	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2024-35997	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2024-26857	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2023-52469	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2024-26901	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-52443	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-52435	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2024-26840	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2024-26934	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2024-26884	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2024-26886	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-6938-1	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2024-24857	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-46932	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-48619	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-46960	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-52620	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-6926-3	Trust: 0.1

CREDITS

Ubuntu

Trust: 0.4

sources: PACKETSTORM: 179887 // PACKETSTORM: 179878 // PACKETSTORM: 180058 // PACKETSTORM: 179780

SOURCES

db:	CNVD	id:	CNVD-2025-19346
db:	PACKETSTORM	id:	179887
db:	PACKETSTORM	id:	179878
db:	PACKETSTORM	id:	180058
db:	PACKETSTORM	id:	179780
db:	JVNDB	id:	JVNDB-2024-003215
db:	NVD	id:	CVE-2024-27020

LAST UPDATE DATE

2026-06-19T21:28:28.131000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-19346	date:	2025-08-22T00:00:00
db:	JVNDB	id:	JVNDB-2024-003215	date:	2024-05-27T07:35:00
db:	NVD	id:	CVE-2024-27020	date:	2026-05-12T12:16:29.880

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-19346	date:	2025-08-12T00:00:00
db:	PACKETSTORM	id:	179887	date:	2024-08-02T14:06:58
db:	PACKETSTORM	id:	179878	date:	2024-08-01T14:44:44
db:	PACKETSTORM	id:	180058	date:	2024-08-12T14:55:18
db:	PACKETSTORM	id:	179780	date:	2024-07-29T17:07:29
db:	JVNDB	id:	JVNDB-2024-003215	date:	2024-05-27T00:00:00
db:	NVD	id:	CVE-2024-27020	date:	2024-05-01T06:15:20.840