github - ghsa-w2rf-r2gq-hxp9

ghsa-w2rf-r2gq-hxp9

Vulnerability from github

Published

2025-01-11 15:30

Modified

2025-02-11 18:31

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

In the Linux kernel, the following vulnerability has been resolved:

block: avoid to reuse hctx not removed from cpuhp callback list

If the 'hctx' isn't removed from cpuhp callback list, we can't reuse it, otherwise use-after-free may be triggered.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-41149"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-11T13:15:19Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid to reuse `hctx` not removed from cpuhp callback list\n\nIf the \u0027hctx\u0027 isn\u0027t removed from cpuhp callback list, we can\u0027t reuse it,\notherwise use-after-free may be triggered.",
  "id": "GHSA-w2rf-r2gq-hxp9",
  "modified": "2025-02-11T18:31:28Z",
  "published": "2025-01-11T15:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41149"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/85672ca9ceeaa1dcf2777a7048af5f4aee3fd02b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b5792c162dcf6197bf3d2de2be6c8169435b73d0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ee18012c80155f6809522804099621070c69ec72"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2024-41149 (GCVE-0-2024-41149)

Vulnerability from cvelistv5

Published

2025-01-11 12:35

Modified

2025-05-04 09:22

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

In the Linux kernel, the following vulnerability has been resolved: block: avoid to reuse `hctx` not removed from cpuhp callback list If the 'hctx' isn't removed from cpuhp callback list, we can't reuse it, otherwise use-after-free may be triggered.

References

URL

Tags

	https://git.kernel.org/stable/c/ee18012c80155f6809522804099621070c69ec72
	https://git.kernel.org/stable/c/b5792c162dcf6197bf3d2de2be6c8169435b73d0
	https://git.kernel.org/stable/c/85672ca9ceeaa1dcf2777a7048af5f4aee3fd02b

Impacted products

Vendor

Product

Version

Version: 58bf93580fec30d84a46be41171c5fad98b5cc70
Version: c1291ea131d186296dc8d328a36c3caf38e8e159
Version: 22465bbac53c821319089016f268a2437de9b00a

Version: 6.12.6 ≤

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-41149",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-11T15:41:11.000102Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-11T15:45:20.309Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "block/blk-mq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ee18012c80155f6809522804099621070c69ec72",
              "status": "affected",
              "version": "58bf93580fec30d84a46be41171c5fad98b5cc70",
              "versionType": "git"
            },
            {
              "lessThan": "b5792c162dcf6197bf3d2de2be6c8169435b73d0",
              "status": "affected",
              "version": "c1291ea131d186296dc8d328a36c3caf38e8e159",
              "versionType": "git"
            },
            {
              "lessThan": "85672ca9ceeaa1dcf2777a7048af5f4aee3fd02b",
              "status": "affected",
              "version": "22465bbac53c821319089016f268a2437de9b00a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "block/blk-mq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6.12.7",
              "status": "affected",
              "version": "6.12.6",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.7",
                  "versionStartIncluding": "6.12.6",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid to reuse `hctx` not removed from cpuhp callback list\n\nIf the \u0027hctx\u0027 isn\u0027t removed from cpuhp callback list, we can\u0027t reuse it,\notherwise use-after-free may be triggered."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T09:22:05.525Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ee18012c80155f6809522804099621070c69ec72"
        },
        {
          "url": "https://git.kernel.org/stable/c/b5792c162dcf6197bf3d2de2be6c8169435b73d0"
        },
        {
          "url": "https://git.kernel.org/stable/c/85672ca9ceeaa1dcf2777a7048af5f4aee3fd02b"
        }
      ],
      "title": "block: avoid to reuse `hctx` not removed from cpuhp callback list",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-41149",
    "datePublished": "2025-01-11T12:35:33.428Z",
    "dateReserved": "2025-01-11T12:33:33.672Z",
    "dateUpdated": "2025-05-04T09:22:05.525Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.