CVE-2024-27404

low-risk
Published 2024-05-17

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data races on remote_id Similar to the previous patch, address the data race on remote_id, adding the suitable ONCE annotations.

Do I need to act?

-
0.01% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
4
CVSS 4.7/10 Medium
LOCAL / HIGH complexity

Affected Products (6)

Affected Vendors

Linux

References (8)

Patch https://git.kernel.org/stable/c/2dba5774e8ed326a78ad4339d921a4291281ea6e
Patch https://git.kernel.org/stable/c/967d3c27127e71a10ff5c083583a038606431b61
Patch https://git.kernel.org/stable/c/987c3ed7297e5661bc7f448f06fc366e497ac9b2
Patch https://git.kernel.org/stable/c/e64148635509bf13eea851986f5a0b150e5bd066
Patch https://git.kernel.org/stable/c/2dba5774e8ed326a78ad4339d921a4291281ea6e
Patch https://git.kernel.org/stable/c/967d3c27127e71a10ff5c083583a038606431b61
Patch https://git.kernel.org/stable/c/987c3ed7297e5661bc7f448f06fc366e497ac9b2
Patch https://git.kernel.org/stable/c/e64148635509bf13eea851986f5a0b150e5bd066
25
/ 100
low-risk
Severity 12/34 · Low
Exploitability 0/34 · Minimal
Exposure 13/34 · Low