CVE-2024-26923

af_unix: Fix garbage collector racing against connect()

References

https://cve.org/CVERecord/?id=CVE-2024-26923

Notes

 carnil> Introduced in 1fd05ba5a2f2 ("[AF_UNIX]: Rewrite garbage collector, fixes
 carnil> race."). Vulnerable versions: 2.6.23-rc1.

Bugs

Status

Branch	Status
4.19-buster-security	needed
4.19-upstream-stable	needed
5.10-bullseye-security	released (5.10.216-1)
5.10-upstream-stable	released (5.10.216) [2e2a03787f4f0abc0072350654ab0ef3324d9db3]
6.1-bookworm-security	released (6.1.90-1)
6.1-upstream-stable	released (6.1.87) [b75722be422c276b699200de90527d01c602ea7c]
6.6-upstream-stable	released (6.6.28) [507cc232ffe53a352847893f8177d276c3b532a9]
6.8-upstream-stable	released (6.8.7) [dbdf7bec5c920200077d693193f989cb1513f009]
sid	needed
upstream	released (6.9-rc4) [47d8ac011fe1c9251070e1bd64cb10b48193ec51]