THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2024-36932

thermal/debugfs: Prevent use-after-free from occurring after cdev removal

Assigner:Linux (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
Reserved:2024-05-30
Published:2024-05-30
Updated:2024-06-07

Description

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal Since thermal_debug_cdev_remove() does not run under cdev->lock, it can run in parallel with thermal_debug_cdev_state_update() and it may free the struct thermal_debugfs object used by the latter after it has been checked against NULL. If that happens, thermal_debug_cdev_state_update() will access memory that has been freed already causing the kernel to crash. Address this by using cdev->lock in thermal_debug_cdev_remove() around the cdev->debugfs value check (in case the same cdev is removed at the same time in two different threads) and its reset to NULL. Cc :6.8+ <stable@vger.kernel.org> # 6.8+

Product status

Default status
unaffected

755113d76786 before c1279dee3336
affected

755113d76786 before d351eb0ab04c
affected

Default status
affected

6.8
affected

Any version before 6.8
unaffected

6.8.10
unaffected

6.9
unaffected

References

https://git.kernel.org/stable/c/c1279dee33369e2525f532364bb87207d23b9481

https://git.kernel.org/stable/c/d351eb0ab04c3e8109895fc33250cebbce9c11da

cve.org CVE-2024-36932

nvd.nist.gov CVE-2024-36932

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-36932