CVE-2024-38561

Summary

In the Linux kernel, the following vulnerability has been resolved:

kunit: Fix kthread reference

There is a race condition when a kthread finishes after the deadline and before the call to kthread_stop(), which may lead to use after free.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxadf505457032c11b79b5a7c277c62ff5d61b17c2 < 1f2ebd3758e1cef6a1f998a1f7ea73310dcb1699affected
LinuxLinuxadf505457032c11b79b5a7c277c62ff5d61b17c2 < 1ec7ccb4cd4b6f72c2998b07880fa7aaf8dfe1d4affected
LinuxLinuxadf505457032c11b79b5a7c277c62ff5d61b17c2 < 8f5c841a559ccb700c8d27a3ca645b7a5f59b4f5affected
LinuxLinuxadf505457032c11b79b5a7c277c62ff5d61b17c2 < b0b755cb5a5e0d7168c3ab1b3814b0d3cad9f017affected
LinuxLinuxadf505457032c11b79b5a7c277c62ff5d61b17c2 < f8aa1b98ce40184521ed95ec26cc115a255183b2affected
LinuxLinux5.18affected
LinuxLinux0 < 5.18unaffected
LinuxLinux6.1.93 <= 6.1.*unaffected
LinuxLinux6.6.33 <= 6.6.*unaffected
LinuxLinux6.8.12 <= 6.8.*unaffected
LinuxLinux6.9.3 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References