{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "cveId": "CVE-2024-53042", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-11-19T17:17:24.971Z", "datePublished": "2024-11-19T17:19:30.854Z", "dateUpdated": "2026-05-23T15:55:03.561Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-23T15:55:03.561Z" }, "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow()\n\nThere are code paths from which the function is called without holding\nthe RCU read lock, resulting in a suspicious RCU usage warning [1].\n\nFix by using l3mdev_master_upper_ifindex_by_index() which will acquire\nthe RCU read lock before calling\nl3mdev_master_upper_ifindex_by_index_rcu().\n\n[1]\nWARNING: suspicious RCU usage\n6.12.0-rc3-custom-gac8f72681cf2 #141 Not tainted\n-----------------------------\nnet/core/dev.c:876 RCU-list traversed in non-reader section!!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n1 lock held by ip/361:\n #0: ffffffff86fc7cb0 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x377/0xf60\n\nstack backtrace:\nCPU: 3 UID: 0 PID: 361 Comm: ip Not tainted 6.12.0-rc3-custom-gac8f72681cf2 #141\nHardware name: Bochs Bochs, BIOS Bochs 01/01/2011\nCall Trace:\n \n dump_stack_lvl+0xba/0x110\n lockdep_rcu_suspicious.cold+0x4f/0xd6\n dev_get_by_index_rcu+0x1d3/0x210\n l3mdev_master_upper_ifindex_by_index_rcu+0x2b/0xf0\n ip_tunnel_bind_dev+0x72f/0xa00\n ip_tunnel_newlink+0x368/0x7a0\n ipgre_newlink+0x14c/0x170\n __rtnl_newlink+0x1173/0x19c0\n rtnl_newlink+0x6c/0xa0\n rtnetlink_rcv_msg+0x3cc/0xf60\n netlink_rcv_skb+0x171/0x450\n netlink_unicast+0x539/0x7f0\n netlink_sendmsg+0x8c1/0xd80\n ____sys_sendmsg+0x8f9/0xc20\n ___sys_sendmsg+0x197/0x1e0\n __sys_sendmsg+0x122/0x1f0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f" } ], "affected": [ { "product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "include/net/ip_tunnels.h" ], "versions": [ { "version": "ab6c9463b137163ba53fc050bf2c72bed2c997b8", "lessThan": "e2742758c9c85c84e077ede5f916479f724e11c2", "status": "affected", "versionType": "git" }, { "version": "760852df570747e500a9632d34cbbf4faef30855", "lessThan": "5edcb3fdb12c3d46a6e79eeeec27d925b80fc168", "status": "affected", "versionType": "git" }, { "version": "db53cd3d88dc328dea2e968c9c8d3b4294a8a674", "lessThan": "72c0f482e39c87317ebf67661e28c8d86c93e870", "status": "affected", "versionType": "git" }, { "version": "db53cd3d88dc328dea2e968c9c8d3b4294a8a674", "lessThan": "699b48fc31727792edf2cab3829586ae6ba649e2", "status": "affected", "versionType": "git" }, { "version": "db53cd3d88dc328dea2e968c9c8d3b4294a8a674", "lessThan": "6dfaa458fe923211c766238a224e0a3c0522935c", "status": "affected", "versionType": "git" }, { "version": "db53cd3d88dc328dea2e968c9c8d3b4294a8a674", "lessThan": "ad4a3ca6a8e886f6491910a3ae5d53595e40597d", "status": "affected", "versionType": "git" }, { "version": "5.10.227", "lessThan": "5.10.229", "status": "affected", "versionType": "semver" }, { "version": "5.15.168", "lessThan": "5.15.171", "status": "affected", "versionType": "semver" } ] }, { "product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "include/net/ip_tunnels.h" ], "versions": [ { "version": "5.18", "status": "affected" }, { "version": "0", "lessThan": "5.18", "status": "unaffected", "versionType": "semver" }, { "version": "5.10.229", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver" }, { "version": "5.15.171", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.1.116", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.6.60", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.11.7", "lessThanOrEqual": "6.11.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.12", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ] } ], "cpeApplicability": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.227", "versionEndExcluding": "5.10.229" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.168", "versionEndExcluding": "5.15.171" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.18", "versionEndExcluding": "6.1.116" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.18", "versionEndExcluding": "6.6.60" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.18", "versionEndExcluding": "6.11.7" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.18", "versionEndExcluding": "6.12" } ] } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/e2742758c9c85c84e077ede5f916479f724e11c2" }, { "url": "https://git.kernel.org/stable/c/5edcb3fdb12c3d46a6e79eeeec27d925b80fc168" }, { "url": "https://git.kernel.org/stable/c/72c0f482e39c87317ebf67661e28c8d86c93e870" }, { "url": "https://git.kernel.org/stable/c/699b48fc31727792edf2cab3829586ae6ba649e2" }, { "url": "https://git.kernel.org/stable/c/6dfaa458fe923211c766238a224e0a3c0522935c" }, { "url": "https://git.kernel.org/stable/c/ad4a3ca6a8e886f6491910a3ae5d53595e40597d" } ], "title": "ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow()", "x_generator": { "engine": "bippy-1.2.0" } }, "adp": [ { "metrics": [ { "cvssV3_1": { "scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE" } }, { "other": { "type": "ssvc", "content": { "id": "CVE-2024-53042", "role": "CISA Coordinator", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "version": "2.0.3", "timestamp": "2025-10-01T20:13:44.449792Z" } } } ], "problemTypes": [ { "descriptions": [ { "lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information" } ] } ], "title": "CISA ADP Vulnrichment", "providerMetadata": { "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-01T20:17:19.574Z" } }, { "title": "CVE Program Container", "references": [ { "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html" } ], "providerMetadata": { "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T22:28:44.629Z" } }, { "x_adpType": "supplier", "providerMetadata": { "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e", "shortName": "siemens-SADP", "dateUpdated": "2026-05-12T12:01:02.694Z" }, "affected": [ { "vendor": "Siemens", "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", "versions": [ { "status": "affected", "version": "0", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" } ], "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html" } ] } ] } }