{"vulnerability": "CVE-2024-53160", "sightings": [{"uuid": "2c7a3b58-f0d2-48bb-ab26-16d021900600", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53160", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3le2ge4idg62i", "content": "", "creation_timestamp": "2024-12-24T12:16:12.300347Z"}, {"uuid": "6896349b-c08f-45e9-bae4-d36e09ab95ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53160", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113707763742941082", "content": "", "creation_timestamp": "2024-12-24T12:19:42.454375Z"}, {"uuid": "7075e0cd-7667-4273-a736-dfe08a2aa177", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53160", "type": "seen", "source": "https://t.me/cvedetector/13589", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-53160 - Linux RCU KVFree Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-53160 \nPublished : Dec. 24, 2024, 12:15 p.m. | 45\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nrcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu \n \nKCSAN reports a data race when access the krcp->monitor_work.timer.expires \nvariable in the schedule_delayed_monitor_work() function: \n \n \nBUG: KCSAN: data-race in __mod_timer / kvfree_call_rcu \n \nread to 0xffff888237d1cce8 of 8 bytes by task 10149 on cpu 1: \n schedule_delayed_monitor_work kernel/rcu/tree.c:3520 [inline] \n kvfree_call_rcu+0x3b8/0x510 kernel/rcu/tree.c:3839 \n trie_update_elem+0x47c/0x620 kernel/bpf/lpm_trie.c:441 \n bpf_map_update_value+0x324/0x350 kernel/bpf/syscall.c:203 \n generic_map_update_batch+0x401/0x520 kernel/bpf/syscall.c:1849 \n bpf_map_do_batch+0x28c/0x3f0 kernel/bpf/syscall.c:5143 \n __sys_bpf+0x2e5/0x7a0 \n __do_sys_bpf kernel/bpf/syscall.c:5741 [inline] \n __se_sys_bpf kernel/bpf/syscall.c:5739 [inline] \n __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5739 \n x64_sys_call+0x2625/0x2d60 arch/x86/include/generated/asm/syscalls_64.h:322 \n do_syscall_x64 arch/x86/entry/common.c:52 [inline] \n do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83 \n entry_SYSCALL_64_after_hwframe+0x77/0x7f \n \nwrite to 0xffff888237d1cce8 of 8 bytes by task 56 on cpu 0: \n __mod_timer+0x578/0x7f0 kernel/time/timer.c:1173 \n add_timer_global+0x51/0x70 kernel/time/timer.c:1330 \n __queue_delayed_work+0x127/0x1a0 kernel/workqueue.c:2523 \n queue_delayed_work_on+0xdf/0x190 kernel/workqueue.c:2552 \n queue_delayed_work include/linux/workqueue.h:677 [inline] \n schedule_delayed_monitor_work kernel/rcu/tree.c:3525 [inline] \n kfree_rcu_monitor+0x5e8/0x660 kernel/rcu/tree.c:3643 \n process_one_work kernel/workqueue.c:3229 [inline] \n process_scheduled_works+0x483/0x9a0 kernel/workqueue.c:3310 \n worker_thread+0x51d/0x6f0 kernel/workqueue.c:3391 \n kthread+0x1d1/0x210 kernel/kthread.c:389 \n ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147 \n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 \n \nReported by Kernel Concurrency Sanitizer on: \nCPU: 0 UID: 0 PID: 56 Comm: kworker/u8:4 Not tainted 6.12.0-rc2-syzkaller-00050-g5b7c893ed5ed #0 \nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 \nWorkqueue: events_unbound kfree_rcu_monitor \n \n \nkfree_rcu_monitor() rearms the work if a \"krcp\" has to be still \noffloaded and this is done without holding krcp->lock, whereas \nthe kvfree_call_rcu() holds it. \n \nFix it by acquiring the \"krcp->lock\" for kfree_rcu_monitor() so \nboth functions do not race anymore. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-24T14:24:18.000000Z"}]}