Linux Kernel up to 6.1.100/6.6.41/6.9.10 cachefiles select_req random values

| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.6 | $0-$5k | 0.00 |
Summary
A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.100/6.6.41/6.9.10. Affected by this issue is the function select_req of the component cachefiles. Performing a manipulation results in random values.
This vulnerability is identified as CVE-2024-41074. There is not any exploit available.
It is recommended to upgrade the affected component.
Details
A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.100/6.6.41/6.9.10. This affects the function select_req of the component cachefiles. The manipulation with an unknown input leads to a random values vulnerability. CWE is classifying the issue as CWE-330. The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers. This is going to have an impact on confidentiality. The summary by CVE is:
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Set object to close if ondemand_id < 0 in copen If copen is maliciously called in the user mode, it may delete the request corresponding to the random id. And the request may have not been read yet. Note that when the object is set to reopen, the open request will be done with the still reopen state in above case. As a result, the request corresponding to this object is always skipped in select_req function, so the read request is never completed and blocks other process. Fix this issue by simply set object to close if its id < 0 in copen.
It is possible to read the advisory at git.kernel.org. This vulnerability is uniquely identified as CVE-2024-41074 since 07/12/2024. Technical details of the vulnerability are known, but there is no available exploit. The attack technique deployed by this issue is T1600.001 according to MITRE ATT&CK.
The vulnerability scanner Nessus provides a plugin with the ID 210060 (Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel kernel vulnerabilities (USN-7089-1)), which helps to determine the existence of the flaw in a target environment.
Upgrading to version 6.1.101, 6.6.42 or 6.9.11 eliminates this vulnerability. Applying the patch 703bea37d13e/c32ee78fbc67/0845c553db11/4f8703fb3482 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.
The vulnerability is also documented in the databases at Tenable (210060) and CERT Bund (WID-SEC-2024-1722). Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Affected
- Debian Linux
- Amazon Linux 2
- Red Hat Enterprise Linux
- Ubuntu Linux
- SUSE Linux
- IBM InfoSphere Guardium
- Oracle Linux
- NetApp FAS
- NetApp ActiveIQ Unified Manager
- Siemens SIMATIC S7
- Oracle VM
- IBM Security Guardium
- RESF Rocky Linux
- Broadcom Brocade SANnav
- Dell PowerScale
- Open Source Linux Kernel
- IBM QRadar SIEM
- Dell integrated Dell Remote Access Controller
- Dell Avamar
- IBM Storage Scale
- IBM Spectrum Protect Plus
- Juniper Junos Space
- IBM Storage Scale System
- SolarWinds Security Event Manager
- Dell PowerProtect Data Domain
- Dell PowerProtect Data Domain Management Center
- Dell PowerProtect Data Domain OS
Product
Type
Vendor
Name
Version
- 6.0
- 6.1.100
- 6.6.0
- 6.6.1
- 6.6.2
- 6.6.3
- 6.6.4
- 6.6.5
- 6.6.6
- 6.6.7
- 6.6.8
- 6.6.9
- 6.6.10
- 6.6.11
- 6.6.12
- 6.6.13
- 6.6.14
- 6.6.15
- 6.6.16
- 6.6.17
- 6.6.18
- 6.6.19
- 6.6.20
- 6.6.21
- 6.6.22
- 6.6.23
- 6.6.24
- 6.6.25
- 6.6.26
- 6.6.27
- 6.6.28
- 6.6.29
- 6.6.30
- 6.6.31
- 6.6.32
- 6.6.33
- 6.6.34
- 6.6.35
- 6.6.36
- 6.6.37
- 6.6.38
- 6.6.39
- 6.6.40
- 6.6.41
- 6.9.0
- 6.9.1
- 6.9.2
- 6.9.3
- 6.9.4
- 6.9.5
- 6.9.6
- 6.9.7
- 6.9.8
- 6.9.9
- 6.9.10
License
Website
- Vendor: https://www.kernel.org/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.6VulDB Meta Temp Score: 5.6
VulDB Base Score: 3.5
VulDB Temp Score: 3.4
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 7.8
NVD Vector: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Random valuesCWE: CWE-330 / CWE-310
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: Partially
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 210060
Nessus Name: Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel kernel vulnerabilities (USN-7089-1)
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: Kernel 6.1.101/6.6.42/6.9.11
Patch: 703bea37d13e/c32ee78fbc67/0845c553db11/4f8703fb3482
Timeline
07/12/2024 🔍07/29/2024 🔍
07/29/2024 🔍
09/26/2025 🔍
Sources
Vendor: kernel.orgAdvisory: git.kernel.org
Status: Confirmed
CVE: CVE-2024-41074 (🔍)
GCVE (CVE): GCVE-0-2024-41074
GCVE (VulDB): GCVE-100-272691
CERT Bund: WID-SEC-2024-1722 - Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
Entry
Created: 07/29/2024 17:51Updated: 09/26/2025 17:00
Changes: 07/29/2024 17:51 (59), 11/01/2024 23:41 (3), 07/15/2025 17:28 (7), 07/19/2025 01:52 (1), 09/02/2025 03:26 (1), 09/26/2025 17:00 (12)
Complete: 🔍
Cache ID: 216::103
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.