CVE-2024-49945
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
net/ncsi: Disable the ncsi work before freeing the associated structure
The work function can run after the ncsi device is freed, resulting in use-after-free bugs or kernel panic.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 2d283bdd079c0ad4da020bbc9e9c2a4280823098 < f6ca58696749268181f43150b3553f2bafd71e42 | affected |
| Linux | Linux | 2d283bdd079c0ad4da020bbc9e9c2a4280823098 < dd41dab62f32d9e9e0669af8459d12a93834b238 | affected |
| Linux | Linux | 2d283bdd079c0ad4da020bbc9e9c2a4280823098 < a0ffa68c70b367358b2672cdab6fa5bc4c40de2c | affected |
| Linux | Linux | 4.8 | affected |
| Linux | Linux | 0 < 4.8 | unaffected |
| Linux | Linux | 6.10.14 <= 6.10.* | unaffected |
| Linux | Linux | 6.11.3 <= 6.11.* | unaffected |
| Linux | Linux | 6.12 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/f6ca58696749268181f43150b3553f2bafd71e42
- https://git.kernel.org/stable/c/dd41dab62f32d9e9e0669af8459d12a93834b238
- https://git.kernel.org/stable/c/a0ffa68c70b367358b2672cdab6fa5bc4c40de2c
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.