CVE-2024-42239

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published: Aug 7, 2024
Updated: Aug 8, 2024
CWE ID 667

Summary

CVE-2024-42239 is a vulnerability in the Linux kernel's BPF (Berkeley Packet Filter) timer subsystem. The issue arises when multiple BPF timers are cancelled concurrently from within each other's callbacks: each cancellation waits for the other timer's callback to finish, so the two callers wait on each other and the system locks up. To mitigate this issue, a new atomic counter named 'cancelling' has been added to track all in-flight cancellation requests for a given timer. If a cancellation request is detected while another cancellation request is already in progress, the operation fails with an error (-EDEADLK) instead of waiting, which prevents the deadlock. The counter ensures that only one cancellation request is processed at a time, eliminating lockups caused by concurrent timer cancellations. Previous attempts to address this issue used a bool 'cancelling' bit that was cleared once the cancellation completed, but that approach introduced race conditions. The atomic counter provides a more reliable solution to prevent deadlocks in the Linux kernel's BPF timer subsystem.
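The following single-threaded C model is an added illustration of the counter described above, not the kernel's own bpf_timer_cancel() code. It assumes (as the in-flight counter implies) that a cancel issued from inside a running callback is refused with -EDEADLK when the calling timer is itself the target of a pending cancellation; `cancel_begin`, `cancel_try_finish` and `run_mutual_cancel` are hypothetical names for the model.

```c
/* Model of the CVE-2024-42239 fix: each timer counts in-flight cancellations,
 * and a cancel issued from a running callback fails with -EDEADLK when the
 * calling timer is itself being cancelled. Model only, not kernel code. */
#include <errno.h>
#include <stdatomic.h>
#include <stdbool.h>

struct model_timer {
    atomic_bool callback_running;   /* this timer's callback is executing */
    atomic_int cancelling;          /* in-flight cancellations targeting it */
};

/* Phase 1 of a cancel issued from cur's callback against t. With the fix
 * enabled, refuse (-EDEADLK) if someone is already waiting for cur to finish:
 * waiting for t while t waits for us would never return. */
int cancel_begin(struct model_timer *cur, struct model_timer *t, bool fixed)
{
    atomic_fetch_add(&t->cancelling, 1);          /* announce: t is being cancelled */
    if (fixed && atomic_load(&cur->cancelling) > 0) {
        atomic_fetch_sub(&t->cancelling, 1);      /* back out, report deadlock */
        return -EDEADLK;
    }
    return 0;
}

/* Phase 2: the wait hrtimer_cancel() performs. True once t's callback is done. */
bool cancel_try_finish(struct model_timer *t)
{
    if (atomic_load(&t->callback_running))
        return false;                             /* still running: keep waiting */
    atomic_fetch_sub(&t->cancelling, 1);
    return true;
}

/* The lockup scenario: A's callback cancels B while B's callback cancels A.
 * Returns 1 if the interleaving completes, 0 if both sides wait forever. */
int run_mutual_cancel(bool fixed)
{
    struct model_timer a = { true, 0 }, b = { true, 0 };   /* constructed state */
    int ra = cancel_begin(&a, &b, fixed);         /* A waits for B's callback */
    int rb = cancel_begin(&b, &a, fixed);         /* B sees A waiting on it */
    if (ra == 0 && rb == 0)
        return 0;                                 /* unfixed kernel: deadlock */
    if (rb == -EDEADLK)                           /* B's callback returns the error */
        atomic_store(&b.callback_running, false);
    return cancel_try_finish(&b) ? 1 : 0;         /* A's cancel now completes */
}
```

Without the counter both cancel calls proceed to wait and the model reports a lockup; with it, the second caller gets -EDEADLK, its callback returns, and the first cancel completes.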
