1. Home
  2. Vulnerabilities
  3. CVE-2024-27021

CVE-2024-27021

CVSS v3.1 7.8 (High)
78% Progress
EPSS 0.04 % (10th)
0.04% Progress
Affected Products 2
Advisories 7
NVD Status Analyzed
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

In the Linux kernel, the following vulnerability has been resolved:

r8169: fix LED-related deadlock on module removal

Binding devm_led_classdev_register() to the netdev is problematic
because on module removal we get a RTNL-related deadlock. Fix this
by avoiding the device-managed LED functions.

Note: We can safely call led_classdev_unregister() for a LED even
if registering it failed, because led_classdev_unregister() detects
this and is a no-op in this case.

Weaknesses
CWE-667
Improper Locking
CVE Status
PUBLISHED
NVD Status
Analyzed
CNA
kernel.org
Published Date
2024-05-01 06:15:20
(4 months ago)
Updated Date
2024-05-23 19:37:02
(3 months ago)

Affected Products

Fedoraproject

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel from 6.8 version and prior 6.8.8 version cpe:2.3:o:linux:linux_kernel >= 6.8 < 6.8.8
  Linux Kernel 6.9 Rc1 cpe:2.3:o:linux:linux_kernel:6.9:rc1
  Linux Kernel 6.9 Rc2 cpe:2.3:o:linux:linux_kernel:6.9:rc2
  Linux Kernel 6.9 Rc3 cpe:2.3:o:linux:linux_kernel:6.9:rc3

Configuration #2

    CPE23 From Up To
  Fedoraproject Fedora 38 cpe:2.3:o:fedoraproject:fedora:38
  Fedoraproject Fedora 39 cpe:2.3:o:fedoraproject:fedora:39
  Fedoraproject Fedora 40 cpe:2.3:o:fedoraproject:fedora:40