CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-47709: can: bcm: Clear bo->bcm_proc_read after remove_proc_entry().

5.5 CVSS

Description

In the Linux kernel, the following vulnerability has been resolved:

can: bcm: Clear bo->bcm_proc_read after remove_proc_entry().

syzbot reported a warning in bcm_release(). [0]

The blamed change fixed another warning that is triggered when
connect() is issued again for a socket whose connect()ed device has
been unregistered.

However, if the socket is just close()d without the 2nd connect(), the
remaining bo->bcm_proc_read triggers unnecessary remove_proc_entry()
in bcm_release().

Let's clear bo->bcm_proc_read after remove_proc_entry() in bcm_notify().

[0]
name '4986'
WARNING: CPU: 0 PID: 5234 at fs/proc/generic.c:711 remove_proc_entry+0x2e7/0x5d0 fs/proc/generic.c:711
Modules linked in:
CPU: 0 UID: 0 PID: 5234 Comm: syz-executor606 Not tainted 6.11.0-rc5-syzkaller-00178-g5517ae241919 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
RIP: 0010:remove_proc_entry+0x2e7/0x5d0 fs/proc/generic.c:711
Code: ff eb 05 e8 cb 1e 5e ff 48 8b 5c 24 10 48 c7 c7 e0 f7 aa 8e e8 2a 38 8e 09 90 48 c7 c7 60 3a 1b 8c 48 89 de e8 da 42 20 ff 90 <0f> 0b 90 90 48 8b 44 24 18 48 c7 44 24 40 0e 36 e0 45 49 c7 04 07
RSP: 0018:ffffc9000345fa20 EFLAGS: 00010246
RAX: 2a2d0aee2eb64600 RBX: ffff888032f1f548 RCX: ffff888029431e00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc9000345fb08 R08: ffffffff8155b2f2 R09: 1ffff1101710519a
R10: dffffc0000000000 R11: ffffed101710519b R12: ffff888011d38640
R13: 0000000000000004 R14: 000000...

Classification

CVE ID: CVE-2024-47709

CVSS Base Severity: MEDIUM

CVSS Base Score: 5.5

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.03% (probability of being exploited)

EPSS Percentile: 8.91% (scored less or equal to compared to others)

EPSS Date: 2025-06-02 (when was this score calculated)

Stakeholder-Specific Vulnerability Categorization (SSVC)

SSVC Exploitation: none

SSVC Technical Impact: partial

SSVC Automatable: false

References

https://nvd.nist.gov/vuln/detail/CVE-2024-47709
https://git.kernel.org/stable/c/f5059fae5ed518fc56494ce5bdd4f5360de4b3bc
https://git.kernel.org/stable/c/a833da8eec20b51af39643faa7067b25c8b20f3e
https://git.kernel.org/stable/c/5cc00913c1fdcab861c4e65fa20d1f1e1bbbf977
https://git.kernel.org/stable/c/9550baada4c8ef8cebefccc746384842820b4dff
https://git.kernel.org/stable/c/7a145d6ec2124bdb94bd6fc436b342ff6ddf2b70
https://git.kernel.org/stable/c/c3d941cc734e0c8dc486c062926d5249070af5e4
https://git.kernel.org/stable/c/770b463264426cc3c167b1d44efa85f6a526ce5b
https://git.kernel.org/stable/c/b02ed2f01240b226570b4a19b5041d61f5125784
https://git.kernel.org/stable/c/94b0818fa63555a65f6ba107080659ea6bcca63e

Timeline