How severe is CVE-2024-26686?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2024-26686?

This is classified as CWE-667, which is a common weakness in software security.

CVE-2024-26686 - MEDIUM Severity | CVSS 5.5

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats lock_task_sighand() can trigger a hard lockup. If NR_CPUS threads call do_task_stat() at the same time and the process has NR_THREADS, it will spin with irqs disabled O(NR_CPUS * NR_THREADS) time. Change do_task_stat() to use sig->stats_lock to gather the statistics outside of ->siglock protected section, in the likely case this code will run lockless.

Related Vulnerabilities

CVE-2000-0338

MEDIUM

CVSS:5.5(Medium)

Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which allows local users to cause a denial of service by creating the lock directory before it is created for use ...

CWE-6672000

CVE-2000-1198

MEDIUM

CVSS:5.5(Medium)

qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users (lack of mail access) by creating lock files for other mail boxes.

CWE-6672000

CVE-2001-0682

MEDIUM

CVSS:5.5(Medium)

ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting.

CWE-6672001

CVE-2002-1914

MEDIUM

CVSS:5.5(Medium)

dump 0.4 b10 through b29 allows local users to cause a denial of service (execution prevention) by using flock() to lock the /etc/dumpdates file.

CWE-6672002

CVE-2002-1915

MEDIUM

CVSS:5.5(Medium)

tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file.

CWE-6672002

CVE-2005-2456

MEDIUM

CVSS:5.5(Medium)

Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via...

CWE-6672005