CVE-2024-41149

Summary

In the Linux kernel, the following vulnerability has been resolved:

block: avoid to reuse hctx not removed from cpuhp callback list

If the 'hctx' isn't removed from cpuhp callback list, we can't reuse it, otherwise use-after-free may be triggered.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux58bf93580fec30d84a46be41171c5fad98b5cc70 < ee18012c80155f6809522804099621070c69ec72affected
LinuxLinuxc1291ea131d186296dc8d328a36c3caf38e8e159 < b5792c162dcf6197bf3d2de2be6c8169435b73d0affected
LinuxLinux22465bbac53c821319089016f268a2437de9b00a < 85672ca9ceeaa1dcf2777a7048af5f4aee3fd02baffected
LinuxLinux6.12.6 < 6.12.7affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References