THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Fathom (Privacy friendly web analytics)
Zendesk (Helpdesk and Chat)

Ok

Home | EN
Support
CVE
PUBLISHED

CVE-2024-39493

crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak

AssignerLinux
Reserved2024-06-25
Published2024-07-10
Updated2024-07-15

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak Using completion_done to determine whether the caller has gone away only works after a complete call. Furthermore it's still possible that the caller has not yet called wait_for_completion, resulting in another potential UAF. Fix this by making the caller use cancel_work_sync and then freeing the memory safely.

Product status

Default status
unaffected

daba62d9eedd before 0ce5964b82f2
affected

8e81cd58aee1 before 6396b33e98c0
affected

d03092550f52 before a718b6d2a329
affected

4ae5a97781ce before 3fb4601e0db1
affected

226fc408c5fc before e7428e7e3fe9
affected

8a5a7611ccc7 before c2d443aa1ae3
affected

7d42e097607c before d0fd12497272
affected

7d42e097607c before d3b17c6d9ddd
affected

Default status
affected

6.9
affected

Any version before 6.9
unaffected

4.19.316
unaffected

5.4.278
unaffected

5.10.219
unaffected

5.15.161
unaffected

6.1.94
unaffected

6.6.34
unaffected

6.9.5
unaffected

6.10
unaffected

References

https://git.kernel.org/stable/c/0ce5964b82f212f4df6a9813f09a0b5de15bd9c8

https://git.kernel.org/stable/c/6396b33e98c096bff9c253ed49c008247963492a

https://git.kernel.org/stable/c/a718b6d2a329e069b27d9049a71be5931e71d960

https://git.kernel.org/stable/c/3fb4601e0db10d4fe25e46f3fa308d40d37366bd

https://git.kernel.org/stable/c/e7428e7e3fe94a5089dc12ffe5bc31574d2315ad

https://git.kernel.org/stable/c/c2d443aa1ae3175c13a665f3a24b8acd759ce9c3

https://git.kernel.org/stable/c/d0fd124972724cce0d48b9865ce3e273ef69e246

https://git.kernel.org/stable/c/d3b17c6d9dddc2db3670bc9be628b122416a3d26

cve.org CVE-2024-39493

nvd.nist.gov CVE-2024-39493

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-39493
© Copyright 2024 THREATINT. Made in Cyprus with +