CVE-2024-50210

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/e56e0ec1b79f5a6272c6e78b36e9d593aa0449af", "name": "https://git.kernel.org/stable/c/e56e0ec1b79f5a6272c6e78b36e9d593aa0449af", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/5f063bbf1ee6b01611c016b54e050a41506eb794", "name": "https://git.kernel.org/stable/c/5f063bbf1ee6b01611c016b54e050a41506eb794", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/1ba33b327c3f88a7baee598979d73ab5b44d41cc", "name": "https://git.kernel.org/stable/c/1ba33b327c3f88a7baee598979d73ab5b44d41cc", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/b27330128eca25179637c1816d5a72d6cc408c66", "name": "https://git.kernel.org/stable/c/b27330128eca25179637c1816d5a72d6cc408c66", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/6e62807c7fbb3c758d233018caf94dfea9c65dbd", "name": "https://git.kernel.org/stable/c/6e62807c7fbb3c758d233018caf94dfea9c65dbd", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/d005400262ddaf1ca1666bbcd1acf42fe81d57ce", "name": "https://git.kernel.org/stable/c/d005400262ddaf1ca1666bbcd1acf42fe81d57ce", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/a8219446b95a859488feaade674d13f9efacfa32", "name": "https://git.kernel.org/stable/c/a8219446b95a859488feaade674d13f9efacfa32", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/c7fcfdba35abc9f39b83080c2bce398dad13a943", "name": "https://git.kernel.org/stable/c/c7fcfdba35abc9f39b83080c2bce398dad13a943", "tags": ["Patch"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime()\n\nIf get_clock_desc() succeeds, it calls fget() for the clockid's fd,\nand get the clk->rwsem read lock, so the error path should release\nthe lock to make the lock balance and fput the clockid's fd to make\nthe refcount balance and release the fd related resource.\n\nHowever the below commit left the error path locked behind resulting in\nunbalanced locking. Check timespec64_valid_strict() before\nget_clock_desc() to fix it, because the \"ts\" is not changed\nafter that.\n\n[pabeni@redhat.com: fixed commit message typo]"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-667"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-50210", "ASSIGNER": "cve@kernel.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}}, "publishedDate": "2024-11-08T06:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.15.169:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:6.1.114:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:6.6.58:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:6.11.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.11", "versionStartIncluding": "5.10.228"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2024-11-19T16:26Z"}