{"id":"CVE-2024-56637","summary":"netfilter: ipset: Hold module reference while requesting a module","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: Hold module reference while requesting a module\n\nUser space may unload ip_set.ko while it is itself requesting a set type\nbackend module, leading to a kernel crash. The race condition may be\nprovoked by inserting an mdelay() right after the nfnl_unlock() call.","modified":"2026-04-02T12:25:01.451292Z","published":"2024-12-27T15:02:39.876Z","related":["MGASA-2025-0030","MGASA-2025-0032","SUSE-SU-2025:0289-1","SUSE-SU-2025:0428-1","SUSE-SU-2025:0499-1","SUSE-SU-2025:0557-1","SUSE-SU-2025:0565-1","SUSE-SU-2025:20165-1","SUSE-SU-2025:20166-1","SUSE-SU-2025:20248-1","SUSE-SU-2025:20249-1","USN-7379-2","USN-7380-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56637.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0e67805e805c1f3edd6f43adbe08ea14b552694b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/456f010bfaefde84d3390c755eedb1b0a5857c3c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5bae60a933ba5d16eed55c6b279be51bcbbc79b0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6099b5d3e37145484fac4b8b4070c3f1abfb3519"},{"type":"WEB","url":"https://git.kernel.org/stable/c/90bf312a6b6b3d6012137f6776a4052ee85e0340"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ba5e070f36682d07ca7ad2a953e6c9d96be19dca"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e5e2d3024753fdaca818b822e3827614bacbdccf"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56637.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56637"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"a7b4f989a629493bb4ec4a354def784d440b32c4"},{"fixed":"e5e2d3024753fdaca818b822e3827614bacbdccf"},{"fixed":"6099b5d3e37145484fac4b8b4070c3f1abfb3519"},{"fixed":"0e67805e805c1f3edd6f43adbe08ea14b552694b"},{"fixed":"5bae60a933ba5d16eed55c6b279be51bcbbc79b0"},{"fixed":"90bf312a6b6b3d6012137f6776a4052ee85e0340"},{"fixed":"ba5e070f36682d07ca7ad2a953e6c9d96be19dca"},{"fixed":"456f010bfaefde84d3390c755eedb1b0a5857c3c"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-56637.json"}}],"schema_version":"1.7.5"}