ID

VAR-202407-1011


CVE

CVE-2024-39503


TITLE

Linux  of  Linux Kernel  Race condition vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2024-028107

DESCRIPTION

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type Lion Ackermann reported that there is a race condition between namespace cleanup in ipset and the garbage collection of the list:set type. The namespace cleanup can destroy the list:set type of sets while the gc of the set type is waiting to run in rcu cleanup. The latter uses data from the destroyed set which thus leads use after free. The patch contains the following parts: - When destroying all sets, first remove the garbage collectors, then wait if needed and then destroy the sets. - Fix the badly ordered "wait then remove gc" for the destroy a single set case. - Fix the missing rcu locking in the list:set type in the userspace test case. - Use proper RCU list handlings in the list:set type. The patch depends on c1193d9bbbd3 (netfilter: ipset: Add list flush to cancel_gc). Linux of Linux Kernel contains a race condition vulnerability and a use of already freed memory vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on SINEC OS with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) and human-machine interfaces (HMIs). Multiple vulnerabilities exist in third-party components prior to SIEMENS SINEC OS V3.2. These vulnerabilities could be exploited to corrupt values, leading to undefined behavior or security issues. ========================================================================== Ubuntu Security Notice USN-7003-1 September 12, 2024 linux, linux-aws, linux-azure, linux-bluefield, linux-gcp, linux-gkeop, linux-ibm, linux-kvm, linux-oracle vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-gkeop: Linux kernel for Google Container Engine (GKE) systems - linux-ibm: Linux kernel for IBM cloud systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems Details: It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-40902) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - MIPS architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - GPIO subsystem; - GPU drivers; - Greybus drivers; - HID subsystem; - I2C subsystem; - IIO subsystem; - InfiniBand drivers; - Media drivers; - VMware VMCI Driver; - Network drivers; - Pin controllers subsystem; - S/390 drivers; - SCSI drivers; - USB subsystem; - JFFS2 file system; - JFS file system; - File systems infrastructure; - NILFS2 file system; - IOMMU subsystem; - Sun RPC protocol; - Netfilter; - Memory management; - B.A.T.M.A.N. meshing protocol; - CAN network layer; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - IUCV driver; - MAC80211 subsystem; - NET/ROM layer; - Network traffic control; - SoC Audio for Freescale CPUs drivers; (CVE-2024-40905, CVE-2024-41095, CVE-2024-41035, CVE-2024-36974, CVE-2024-40959, CVE-2024-40978, CVE-2024-42236, CVE-2024-40963, CVE-2024-40916, CVE-2024-41006, CVE-2024-39495, CVE-2023-52803, CVE-2024-42070, CVE-2024-41041, CVE-2024-42157, CVE-2024-36894, CVE-2024-42153, CVE-2024-42127, CVE-2024-42224, CVE-2024-40932, CVE-2024-42105, CVE-2024-40968, CVE-2024-41044, CVE-2024-41046, CVE-2023-52887, CVE-2024-42094, CVE-2024-40960, CVE-2024-41007, CVE-2024-40961, CVE-2024-39487, CVE-2024-39502, CVE-2024-42086, CVE-2024-36978, CVE-2024-39503, CVE-2024-41049, CVE-2024-42090, CVE-2024-42232, CVE-2024-39499, CVE-2024-40902, CVE-2024-37078, CVE-2024-39501, CVE-2024-42119, CVE-2024-40901, CVE-2024-42101, CVE-2024-42104, CVE-2024-42145, CVE-2024-41097, CVE-2024-40942, CVE-2024-41034, CVE-2024-40904, CVE-2024-41089, CVE-2024-42084, CVE-2024-42093, CVE-2024-40945, CVE-2024-40958, CVE-2024-42124, CVE-2024-40987, CVE-2024-40912, CVE-2024-39506, CVE-2024-40941, CVE-2024-39509, CVE-2024-40974, CVE-2024-39505, CVE-2024-42115, CVE-2024-40988, CVE-2024-40995, CVE-2024-42097, CVE-2024-41087, CVE-2024-42106, CVE-2024-40984, CVE-2024-40981, CVE-2024-42102, CVE-2024-42148, CVE-2024-42154, CVE-2024-42096, CVE-2024-40934, CVE-2024-40980, CVE-2024-42076, CVE-2024-40943, CVE-2024-42092, CVE-2024-42089, CVE-2024-42223, CVE-2024-38619, CVE-2024-42087, CVE-2024-39469) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS linux-image-5.4.0-1079-ibm 5.4.0-1079.84 linux-image-5.4.0-1092-bluefield 5.4.0-1092.99 linux-image-5.4.0-1099-gkeop 5.4.0-1099.103 linux-image-5.4.0-1120-kvm 5.4.0-1120.128 linux-image-5.4.0-1131-oracle 5.4.0-1131.140 linux-image-5.4.0-1132-aws 5.4.0-1132.142 linux-image-5.4.0-1136-gcp 5.4.0-1136.145 linux-image-5.4.0-1137-azure 5.4.0-1137.144 linux-image-5.4.0-195-generic 5.4.0-195.215 linux-image-5.4.0-195-generic-lpae 5.4.0-195.215 linux-image-5.4.0-195-lowlatency 5.4.0-195.215 linux-image-aws-lts-20.04 5.4.0.1132.129 linux-image-azure-lts-20.04 5.4.0.1137.131 linux-image-bluefield 5.4.0.1092.88 linux-image-gcp-lts-20.04 5.4.0.1136.138 linux-image-generic 5.4.0.195.193 linux-image-generic-lpae 5.4.0.195.193 linux-image-gkeop 5.4.0.1099.97 linux-image-gkeop-5.4 5.4.0.1099.97 linux-image-ibm-lts-20.04 5.4.0.1079.108 linux-image-kvm 5.4.0.1120.116 linux-image-lowlatency 5.4.0.195.193 linux-image-oem 5.4.0.195.193 linux-image-oem-osp1 5.4.0.195.193 linux-image-oracle-lts-20.04 5.4.0.1131.124 linux-image-virtual 5.4.0.195.193 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7003-1 CVE-2023-52803, CVE-2023-52887, CVE-2024-36894, CVE-2024-36974, CVE-2024-36978, CVE-2024-37078, CVE-2024-38619, CVE-2024-39469, CVE-2024-39487, CVE-2024-39495, CVE-2024-39499, CVE-2024-39501, CVE-2024-39502, CVE-2024-39503, CVE-2024-39505, CVE-2024-39506, CVE-2024-39509, CVE-2024-40901, CVE-2024-40902, CVE-2024-40904, CVE-2024-40905, CVE-2024-40912, CVE-2024-40916, CVE-2024-40932, CVE-2024-40934, CVE-2024-40941, CVE-2024-40942, CVE-2024-40943, CVE-2024-40945, CVE-2024-40958, CVE-2024-40959, CVE-2024-40960, CVE-2024-40961, CVE-2024-40963, CVE-2024-40968, CVE-2024-40974, CVE-2024-40978, CVE-2024-40980, CVE-2024-40981, CVE-2024-40984, CVE-2024-40987, CVE-2024-40988, CVE-2024-40995, CVE-2024-41006, CVE-2024-41007, CVE-2024-41034, CVE-2024-41035, CVE-2024-41041, CVE-2024-41044, CVE-2024-41046, CVE-2024-41049, CVE-2024-41087, CVE-2024-41089, CVE-2024-41095, CVE-2024-41097, CVE-2024-42070, CVE-2024-42076, CVE-2024-42084, CVE-2024-42086, CVE-2024-42087, CVE-2024-42089, CVE-2024-42090, CVE-2024-42092, CVE-2024-42093, CVE-2024-42094, CVE-2024-42096, CVE-2024-42097, CVE-2024-42101, CVE-2024-42102, CVE-2024-42104, CVE-2024-42105, CVE-2024-42106, CVE-2024-42115, CVE-2024-42119, CVE-2024-42124, CVE-2024-42127, CVE-2024-42145, CVE-2024-42148, CVE-2024-42153, CVE-2024-42154, CVE-2024-42157, CVE-2024-42223, CVE-2024-42224, CVE-2024-42232, CVE-2024-42236 Package Information: https://launchpad.net/ubuntu/+source/linux/5.4.0-195.215 https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1132.142 https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1137.144 https://launchpad.net/ubuntu/+source/linux-bluefield/5.4.0-1092.99 https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1136.145 https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1099.103 https://launchpad.net/ubuntu/+source/linux-ibm/5.4.0-1079.84 https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1120.128 https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1131.140

Trust: 2.79

sources: NVD: CVE-2024-39503 // JVNDB: JVNDB-2024-028107 // CNVD: CNVD-2025-19346 // CNVD: CNVD-2025-19350 // PACKETSTORM: 181483

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.2

sources: CNVD: CNVD-2025-19346 // CNVD: CNVD-2025-19350

AFFECTED PRODUCTS

vendor:linuxmodel:kernelscope:eqversion:6.10

Trust: 1.8

vendor:linuxmodel:kernelscope:eqversion:6.8

Trust: 1.8

vendor:linuxmodel:kernelscope:ltversion:5.4.279

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.15.149

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.10.221

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.10.210

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:6.7.6

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.4.269

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.1.95

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:6.1.79

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.8

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:6.8.1

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.6.35

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.15.162

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:6.6.18

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.9.6

Trust: 1.0

vendor:linuxmodel:kernelscope:eqversion:5.10.210 that's all 5.10.221

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:6.8.1 that's all 6.9.6

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.4.269 that's all 5.4.279

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion: -

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:6.1.79 that's all 6.1.95

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:6.6.18 that's all 6.6.35

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:6.7.6 that's all 6.8

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.15.149 that's all 5.15.162

Trust: 0.8

vendor:siemensmodel:ruggedcom rst2428pscope:ltversion:v3.1

Trust: 0.6

vendor:siemensmodel:scalance xc-300/xr-300/xc-400/xr-500wg/xr-500 familyscope:ltversion:v3.1

Trust: 0.6

vendor:siemensmodel:scalance xcm-/xrm-/xch-/xrh-300 familyscope:ltversion:v3.1

Trust: 0.6

vendor:siemensmodel:ruggedcom rst2428pscope:ltversion:v3.2

Trust: 0.6

vendor:siemensmodel:scalance xc-300/xr-300/xc-400/xr-500wg/xr-500 familyscope:ltversion:v3.2

Trust: 0.6

vendor:siemensmodel:scalance xcm-/xrm-/xch-/xrh-300 familyscope:ltversion:v3.2

Trust: 0.6

sources: CNVD: CNVD-2025-19346 // CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-028107 // NVD: CVE-2024-39503

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2024-39503
value: HIGH

Trust: 1.0

NVD: CVE-2024-39503
value: HIGH

Trust: 0.8

CNVD: CNVD-2025-19346
value: HIGH

Trust: 0.6

CNVD: CNVD-2025-19350
value: HIGH

Trust: 0.6

CNVD: CNVD-2025-19346
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CNVD: CNVD-2025-19350
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2024-39503
baseSeverity: HIGH
baseScore: 7.0
vectorString: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.0
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2024-39503
baseSeverity: HIGH
baseScore: 7.0
vectorString: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-19346 // CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-028107 // NVD: CVE-2024-39503

PROBLEMTYPE DATA

problemtype:CWE-416

Trust: 1.0

problemtype:CWE-362

Trust: 1.0

problemtype:Race condition (CWE-362) [NVD evaluation ]

Trust: 0.8

problemtype: Use of freed memory (CWE-416) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-028107 // NVD: CVE-2024-39503

THREAT TYPE

local

Trust: 0.1

sources: PACKETSTORM: 181483

PATCH

title:Linux Kernel Archivesurl:https://git.kernel.org/stable/c/0f1bb77c6d837c9513943bc7c08f04c5cc5c6568

Trust: 0.8

title:Patch for Multiple vulnerabilities in Siemens SINEC OS third-party componentsurl:https://www.cnvd.org.cn/patchInfo/show/723071

Trust: 0.6

title:Patch for Multiple vulnerabilities exist in third-party components of SIEMENS SINEC OS V3.2 and earlierurl:https://www.cnvd.org.cn/patchInfo/show/723061

Trust: 0.6

sources: CNVD: CNVD-2025-19346 // CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-028107

EXTERNAL IDS

db:NVDid:CVE-2024-39503

Trust: 2.7

db:SIEMENSid:SSA-613116

Trust: 1.6

db:SIEMENSid:SSA-355557

Trust: 1.6

db:SIEMENSid:SSA-265688

Trust: 1.0

db:ICS CERTid:ICSA-25-226-07

Trust: 0.8

db:JVNid:JVNVU92169998

Trust: 0.8

db:JVNDBid:JVNDB-2024-028107

Trust: 0.8

db:CNVDid:CNVD-2025-19346

Trust: 0.6

db:CNVDid:CNVD-2025-19350

Trust: 0.6

db:PACKETSTORMid:181483

Trust: 0.1

sources: CNVD: CNVD-2025-19346 // CNVD: CNVD-2025-19350 // PACKETSTORM: 181483 // JVNDB: JVNDB-2024-028107 // NVD: CVE-2024-39503

REFERENCES

url:https://cert-portal.siemens.com/productcert/html/ssa-613116.html

Trust: 1.6

url:https://cert-portal.siemens.com/productcert/html/ssa-355557.html

Trust: 1.6

url:https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Trust: 1.0

url:https://git.kernel.org/stable/c/0f1bb77c6d837c9513943bc7c08f04c5cc5c6568

Trust: 1.0

url:https://git.kernel.org/stable/c/c0761d1f1ce1d5b85b5e82bbb714df12de1aa8c3

Trust: 1.0

url:https://git.kernel.org/stable/c/2ba35b37f780c6410bb4bba9c3072596d8576702

Trust: 1.0

url:https://git.kernel.org/stable/c/4e7aaa6b82d63e8ddcbfb56b4fd3d014ca586f10

Trust: 1.0

url:https://git.kernel.org/stable/c/93b53c202b51a69e42ca57f5a183f7e008e19f83

Trust: 1.0

url:https://git.kernel.org/stable/c/390b353d1a1da3e9c6c0fd14fe650d69063c95d6

Trust: 1.0

url:https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Trust: 1.0

url:https://git.kernel.org/stable/c/90ae20d47de602198eb69e6cd7a3db3420abfc08

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2024-39503

Trust: 0.9

url:https://jvn.jp/vu/jvnvu92169998/

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07

Trust: 0.8

url:https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1099.103

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1120.128

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-39469

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-39509

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-52803

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1132.142

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-ibm/5.4.0-1079.84

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-7003-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1136.145

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-39487

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-40902

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-39501

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1137.144

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-36978

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-39499

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux/5.4.0-195.215

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-40904

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-40905

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-39502

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-40912

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-52887

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1131.140

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-bluefield/5.4.0-1092.99

Trust: 0.1

sources: CNVD: CNVD-2025-19346 // CNVD: CNVD-2025-19350 // PACKETSTORM: 181483 // JVNDB: JVNDB-2024-028107 // NVD: CVE-2024-39503

CREDITS

Ubuntu

Trust: 0.1

sources: PACKETSTORM: 181483

SOURCES

db:CNVDid:CNVD-2025-19346
db:CNVDid:CNVD-2025-19350
db:PACKETSTORMid:181483
db:JVNDBid:JVNDB-2024-028107
db:NVDid:CVE-2024-39503

LAST UPDATE DATE

2026-06-18T18:20:46.946000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-19346date:2025-08-22T00:00:00
db:CNVDid:CNVD-2025-19350date:2025-08-22T00:00:00
db:JVNDBid:JVNDB-2024-028107date:2025-09-26T08:39:00
db:NVDid:CVE-2024-39503date:2026-05-12T12:16:57.363

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-19346date:2025-08-12T00:00:00
db:CNVDid:CNVD-2025-19350date:2025-08-12T00:00:00
db:PACKETSTORMid:181483date:2024-09-12T14:34:12
db:JVNDBid:JVNDB-2024-028107date:2025-09-26T00:00:00
db:NVDid:CVE-2024-39503date:2024-07-12T13:15:12.757