{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-27067", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.216Z", "datePublished": "2024-05-01T13:04:16.051Z", "dateUpdated": "2026-05-23T15:41:48.473Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-23T15:41:48.473Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/evtchn: avoid WARN() when unbinding an event channel\n\nWhen unbinding a user event channel, the related handler might be\ncalled a last time in case the kernel was built with\nCONFIG_DEBUG_SHIRQ. This might cause a WARN() in the handler.\n\nAvoid that by adding an \"unbinding\" flag to struct user_event which\nwill short circuit the handler."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/xen/evtchn.c"], "versions": [{"version": "3c8f5965a99397368d3762a9814a21a3e442e1a4", "lessThan": "99e425032c6ec13584d3cd33846e0c7307501b47", "status": "affected", "versionType": "git"}, {"version": "9e90e58c11b74c2bddac4b2702cf79d36b981278", "lessThan": "35485dad6e28f9b17884764d4692b1655cb848d0", "status": "affected", "versionType": "git"}, {"version": "9e90e58c11b74c2bddac4b2702cf79d36b981278", "lessThan": "9e2d4b58c1da48a32905802aaeadba7084b46895", "status": "affected", "versionType": "git"}, {"version": "9e90e58c11b74c2bddac4b2702cf79d36b981278", "lessThan": "51c23bd691c0f1fb95b29731c356c6fd69925d17", "status": "affected", "versionType": "git"}, {"version": "6.6.19", "lessThan": "6.6.23", "status": "affected", "versionType": "semver"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/xen/evtchn.c"], "versions": [{"version": "6.7", "status": "affected"}, {"version": "0", "lessThan": "6.7", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.23", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.11", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.2", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6.19", "versionEndExcluding": "6.6.23"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7", "versionEndExcluding": "6.7.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7", "versionEndExcluding": "6.8.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7", "versionEndExcluding": "6.9"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/99e425032c6ec13584d3cd33846e0c7307501b47"}, {"url": "https://git.kernel.org/stable/c/35485dad6e28f9b17884764d4692b1655cb848d0"}, {"url": "https://git.kernel.org/stable/c/9e2d4b58c1da48a32905802aaeadba7084b46895"}, {"url": "https://git.kernel.org/stable/c/51c23bd691c0f1fb95b29731c356c6fd69925d17"}], "title": "xen/evtchn: avoid WARN() when unbinding an event channel", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-17T17:40:05.117300Z", "id": "CVE-2024-27067", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-17T17:45:14.642Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:27:57.836Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/99e425032c6ec13584d3cd33846e0c7307501b47", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/35485dad6e28f9b17884764d4692b1655cb848d0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9e2d4b58c1da48a32905802aaeadba7084b46895", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/51c23bd691c0f1fb95b29731c356c6fd69925d17", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/99e425032c6ec13584d3cd33846e0c7307501b47", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/35485dad6e28f9b17884764d4692b1655cb848d0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9e2d4b58c1da48a32905802aaeadba7084b46895", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/51c23bd691c0f1fb95b29731c356c6fd69925d17", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:27:57.836Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-27067", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-17T17:40:05.117300Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-17T17:40:06.210Z"}}], "cna": {"title": "xen/evtchn: avoid WARN() when unbinding an event channel", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "3c8f5965a99397368d3762a9814a21a3e442e1a4", "lessThan": "99e425032c6ec13584d3cd33846e0c7307501b47", "versionType": "git"}, {"status": "affected", "version": "9e90e58c11b74c2bddac4b2702cf79d36b981278", "lessThan": "35485dad6e28f9b17884764d4692b1655cb848d0", "versionType": "git"}, {"status": "affected", "version": "9e90e58c11b74c2bddac4b2702cf79d36b981278", "lessThan": "9e2d4b58c1da48a32905802aaeadba7084b46895", "versionType": "git"}, {"status": "affected", "version": "9e90e58c11b74c2bddac4b2702cf79d36b981278", "lessThan": "51c23bd691c0f1fb95b29731c356c6fd69925d17", "versionType": "git"}, {"status": "affected", "version": "6.6.19", "lessThan": "6.6.23", "versionType": "semver"}], "programFiles": ["drivers/xen/evtchn.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.7"}, {"status": "unaffected", "version": "0", "lessThan": "6.7", "versionType": "semver"}, {"status": "unaffected", "version": "6.6.23", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.11", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8.2", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/xen/evtchn.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/99e425032c6ec13584d3cd33846e0c7307501b47"}, {"url": "https://git.kernel.org/stable/c/35485dad6e28f9b17884764d4692b1655cb848d0"}, {"url": "https://git.kernel.org/stable/c/9e2d4b58c1da48a32905802aaeadba7084b46895"}, {"url": "https://git.kernel.org/stable/c/51c23bd691c0f1fb95b29731c356c6fd69925d17"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/evtchn: avoid WARN() when unbinding an event channel\n\nWhen unbinding a user event channel, the related handler might be\ncalled a last time in case the kernel was built with\nCONFIG_DEBUG_SHIRQ. This might cause a WARN() in the handler.\n\nAvoid that by adding an \"unbinding\" flag to struct user_event which\nwill short circuit the handler."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6.23", "versionStartIncluding": "6.6.19"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.7.11", "versionStartIncluding": "6.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.8.2", "versionStartIncluding": "6.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.9", "versionStartIncluding": "6.7"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-23T15:41:48.473Z"}}}, "cveMetadata": {"cveId": "CVE-2024-27067", "state": "PUBLISHED", "dateUpdated": "2026-05-23T15:41:48.473Z", "dateReserved": "2024-02-19T14:20:24.216Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-01T13:04:16.051Z", "assignerShortName": "Linux"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "82EEFF87-D1F0-4DA5-ABA3-76779055DE39", "versionEndExcluding": "6.6.23", "versionStartIncluding": "6.6.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD", "versionEndExcluding": "6.7.11", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1", "versionEndExcluding": "6.8.2", "versionStartIncluding": "6.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/evtchn: avoid WARN() when unbinding an event channel\n\nWhen unbinding a user event channel, the related handler might be\ncalled a last time in case the kernel was built with\nCONFIG_DEBUG_SHIRQ. This might cause a WARN() in the handler.\n\nAvoid that by adding an \"unbinding\" flag to struct user_event which\nwill short circuit the handler."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: xen/evtchn: evite WARN() al desvincular un canal de eventos Al desvincular un canal de eventos de usuario, es posible que se llame al controlador relacionado por \u00faltima vez en caso de que el kernel se haya compilado con CONFIG_DEBUG_SHIRQ. Esto podr\u00eda provocar un WARN() en el controlador. Evite esto agregando un indicador de \"desvinculaci\u00f3n\" a la estructura user_event que provocar\u00e1 un cortocircuito en el controlador."}], "id": "CVE-2024-27067", "lastModified": "2025-09-18T16:55:15.740", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-01T13:15:50.893", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/35485dad6e28f9b17884764d4692b1655cb848d0"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/51c23bd691c0f1fb95b29731c356c6fd69925d17"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/99e425032c6ec13584d3cd33846e0c7307501b47"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9e2d4b58c1da48a32905802aaeadba7084b46895"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/35485dad6e28f9b17884764d4692b1655cb848d0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/51c23bd691c0f1fb95b29731c356c6fd69925d17"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/99e425032c6ec13584d3cd33846e0c7307501b47"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9e2d4b58c1da48a32905802aaeadba7084b46895"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: xen/evtchn: avoid WARN() when unbinding an event channel", "id": "2278376", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278376"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nxen/evtchn: avoid WARN() when unbinding an event channel\nWhen unbinding a user event channel, the related handler might be\ncalled a last time in case the kernel was built with\nCONFIG_DEBUG_SHIRQ. This might cause a WARN() in the handler.\nAvoid that by adding an \"unbinding\" flag to struct user_event which\nwill short circuit the handler."], "name": "CVE-2024-27067", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-27067\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-27067\nhttps://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-27067-38e7@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2025-07-13T11:31:00.265416+00:00", "updated": "2025-07-13T11:31:00.265468+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}