CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-50210

High Severity
Linux
SVRS
54/100
CVSSv3
5.5/10
EPSS
0.00025/1

CVE-2024-50210: Fixes an unbalanced locking issue in the Linux kernel's posix-clock functionality, specifically within the pc_clock_settime() function. This vulnerability arises from an error path that leaves a lock held, leading to unbalanced locking. The correction involves validating timespec64_valid_strict() before get_clock_desc(). While the CVSS score is 5.5, indicating a medium severity, SOCRadar's Vulnerability Risk Score (SVRS) is 54. Although not critical (above 80), it warrants attention. This unbalanced locking could potentially lead to resource contention or deadlocks, impacting system stability. Addressing this flaw is crucial to prevent potential denial-of-service scenarios or other unexpected system behaviors due to lock contention. Timely patching is recommended to mitigate the risks associated with this Linux kernel vulnerability.

TAGS
No tags available
VECTOR STRING
CVSS:3.1
AV:L
AC:L
PR:L
UI:N
S:U
C:N
I:N
A:H
PUBLICATION DATE2024-11-08
LAST MODIFIED2024-11-19
Eye Icon
SOCRadar
AI Insight

Description

CVE-2024-50210 is a vulnerability in the Linux kernel's posix-clock implementation. This vulnerability arises from unbalanced locking in the pc_clock_settime() function, specifically in the error handling path. The issue stems from the code failing to release the rwsem read lock and fput the clockid's fd in case of an error, leading to resource leaks and potential system instability.

The SVRS score for this vulnerability is 46, indicating a moderate risk. Although the CVSS score is 0, the SVRS score incorporates a broader range of intelligence factors, including threat actor activity and exploitation status.

Key Insights

  1. Resource Leak: The unbalanced locking in the error path can lead to resource leaks. If the error condition is triggered frequently, it can deplete system resources, impacting performance and potentially causing crashes.
  2. Potential for Privilege Escalation: While the vulnerability itself doesn't directly grant access to sensitive information, it could be exploited as a stepping stone by malicious actors to gain elevated privileges within the system.
  3. Exploitation Potential: While there is currently no evidence of active exploitation in the wild, the vulnerability's nature makes it exploitable through targeted attacks. It's crucial to prioritize patching as a preventative measure.
  4. Wide Impact: This vulnerability affects all Linux systems running kernels vulnerable to CVE-2024-50210. The widespread use of Linux in various environments necessitates immediate action to mitigate the risk.

Mitigation Strategies

  1. Patching: Apply the latest kernel patch released by your distribution to address CVE-2024-50210. Patching is the most effective mitigation strategy, directly addressing the vulnerability.
  2. System Hardening: Implement system hardening measures such as disabling unnecessary services, limiting user privileges, and enforcing access control policies to further reduce the attack surface and mitigate potential damage.
  3. Regular Security Monitoring: Implement continuous security monitoring tools to detect any unusual activity on systems. Early detection can help identify potential exploitation attempts and enable swift response.
  4. Security Awareness Training: Train users on best practices for security and educate them on the importance of promptly applying security updates and reporting suspicious activity.

Additional Information

If you have additional queries regarding this incident, you can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

CVE-2024-50210 | Linux Kernel up to 6.12-rc4 posix-clock pc_clock_settime reference count (Nessus ID 213056)
vuldb.com2024-12-17
CVE-2024-50210 | Linux Kernel up to 6.12-rc4 posix-clock pc_clock_settime reference count (Nessus ID 213056) | A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12-rc4. This affects the function pc_clock_settime of the component posix-clock. The manipulation leads to improper update of reference count. This vulnerability is uniquely identified as <a href="https://vuldb.com/?source_cve.283503
vuldb.com
rss
forum
news

Social Media

CVE-2024-50210 In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() If get_clock_desc() succe… https://t.co/2xiAPnprL8
0
0
0

Affected Software

Configuration 1
TypeVendorProduct
OSLinuxlinux_kernel

References

ReferenceLink
416BAAA9-DC9F-4396-8D5F-8C081FB06D67https://git.kernel.org/stable/c/1ba33b327c3f88a7baee598979d73ab5b44d41cc
416BAAA9-DC9F-4396-8D5F-8C081FB06D67https://git.kernel.org/stable/c/5f063bbf1ee6b01611c016b54e050a41506eb794
416BAAA9-DC9F-4396-8D5F-8C081FB06D67https://git.kernel.org/stable/c/6e62807c7fbb3c758d233018caf94dfea9c65dbd
416BAAA9-DC9F-4396-8D5F-8C081FB06D67https://git.kernel.org/stable/c/b27330128eca25179637c1816d5a72d6cc408c66
416BAAA9-DC9F-4396-8D5F-8C081FB06D67https://git.kernel.org/stable/c/e56e0ec1b79f5a6272c6e78b36e9d593aa0449af
416BAAA9-DC9F-4396-8D5F-8C081FB06D67https://git.kernel.org/stable/c/1ba33b327c3f88a7baee598979d73ab5b44d41cc
416BAAA9-DC9F-4396-8D5F-8C081FB06D67https://git.kernel.org/stable/c/5f063bbf1ee6b01611c016b54e050a41506eb794
416BAAA9-DC9F-4396-8D5F-8C081FB06D67https://git.kernel.org/stable/c/6e62807c7fbb3c758d233018caf94dfea9c65dbd
416BAAA9-DC9F-4396-8D5F-8C081FB06D67https://git.kernel.org/stable/c/a8219446b95a859488feaade674d13f9efacfa32
416BAAA9-DC9F-4396-8D5F-8C081FB06D67https://git.kernel.org/stable/c/b27330128eca25179637c1816d5a72d6cc408c66
416BAAA9-DC9F-4396-8D5F-8C081FB06D67https://git.kernel.org/stable/c/c7fcfdba35abc9f39b83080c2bce398dad13a943
416BAAA9-DC9F-4396-8D5F-8C081FB06D67https://git.kernel.org/stable/c/d005400262ddaf1ca1666bbcd1acf42fe81d57ce
416BAAA9-DC9F-4396-8D5F-8C081FB06D67https://git.kernel.org/stable/c/e56e0ec1b79f5a6272c6e78b36e9d593aa0449af

CWE Details

CWE IDCWE NameDescription
CWE-667Improper LockingThe software does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence