CVE-2024-39292
CVSS v3.1
5.5 (Medium)
EPSS
0.04 % (5th)
Affected Products
1
Advisories
20
NVD Status
Modified
In the Linux kernel, the following vulnerability has been resolved:
um: Add winch to winch_handlers before registering winch IRQ
Registering a winch IRQ is racy, an interrupt may occur before the winch is
added to the winch_handlers list.
If that happens, register_winch_irq() adds to that list a winch that is
scheduled to be (or has already been) freed, causing a panic later in
winch_cleanup().
Avoid the race by adding the winch to the winch_handlers list before
registering the IRQ, and rolling back if um_request_irq() fails.
Weaknesses
- CWE-415
- Double Free
- CVE Status
- PUBLISHED
- NVD Status
- Modified
- CNA
- kernel.org
- Published Date
-
2024-06-24 14:15:12
(2 months ago) - Updated Date
-
2024-07-15 07:15:14
(2 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...