{"uuid": "366387a1-e7b4-4bc9-9bd2-688d0c2df483", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40995", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/731", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40995 - In the Linux kernel, the following vulnerability h\", \n  \"Content\": \"CVE ID : CVE-2024-40995 \nPublished : July 12, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnet/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()  \n  \nsyzbot found hanging tasks waiting on rtnl_lock [1]  \n  \nA reproducer is available in the syzbot bug.  \n  \nWhen a request to add multiple actions with the same index is sent, the  \nsecond request will block forever on the first request. This holds  \nrtnl_lock, and causes tasks to hang.  \n  \nReturn -EAGAIN to prevent infinite looping, while keeping documented  \nbehavior.  \n  \n[1]  \n  \nINFO: task kworker/1:0:5088 blocked for more than 143 seconds.  \nNot tainted 6.9.0-rc4-syzkaller-00173-g3cdb45594619 #0  \n\"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.  \ntask:kworker/1:0 state:D stack:23744 pid:5088 tgid:5088 ppid:2 flags:0x00004000  \nWorkqueue: events_power_efficient reg_check_chans_work  \nCall Trace:  \n  \ncontext_switch kernel/sched/core.c:5409 [inline]  \n__schedule+0xf15/0x5d00 kernel/sched/core.c:6746  \n__schedule_loop kernel/sched/core.c:6823 [inline]  \nschedule+0xe7/0x350 kernel/sched/core.c:6838  \nschedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6895  \n__mutex_lock_common kernel/locking/mutex.c:684 [inline]  \n__mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752  \nwiphy_lock include/net/cfg80211.h:5953 [inline]  \nreg_leave_invalid_chans net/wireless/reg.c:2466 [inline]  \nreg_check_chans_work+0x10a/0x10e0 net/wireless/reg.c:2481 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-12T16:05:05.000000Z"}