CVE-2024-42129

Published: Jul 30, 2024Modified: Nov 3, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: leds: mlxreg: Use devm_mutex_init() for mutex initialization In this driver LEDs are registered using devm_led_classdev_register() so they are automatically unregistered after module's remove() is done. led_classdev_unregister() calls module's led_set_brightness() to turn off the LEDs and that callback uses mutex which was destroyed already in module's remove() so use devm API instead.

Affected (3)

Products: Linux: Linux Kernel

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 6.1.132
Linux Linux Kernel	From 6.2 to 6.6.63
Linux Linux Kernel	From 6.7 to 6.9.9

Related CWEs

Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

References (7)

https://git.kernel.org/stable/c/172ffd26a5af13e951d0e82df7cfc5a95b04fa80

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/3b62888307ae44b68512d3f7735c26a4c8e45b51

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/618c6ce83471ab4f7ac744d27b9d03af173bc141

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/efc347b9efee1c2b081f5281d33be4559fa50a16

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/3b62888307ae44b68512d3f7735c26a4c8e45b51

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/efc347b9efee1c2b081f5281d33be4559fa50a16

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.