← Back

CVE-2024-49981

nvd nist
Published: Oct 21, 2024Modified: Jun 17, 2026

JSON object

Loading...
7.0
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.0 / Impact: 5.9
Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free bug in venus_remove due to race condition in venus_probe, core->work is bound with venus_sys_error_handler, which is used to handle error. The code use core->sys_err_done to make sync work. The core->work is started in venus_event_notify. If we call venus_remove, there might be an unfished work. The possible sequence is as follows: CPU0 CPU1 |venus_sys_error_handler venus_remove | hfi_destroy | venus_hfi_destroy | kfree(hdev); | |hfi_reinit |venus_hfi_queues_reinit |//use hdev Fix it by canceling the work in venus_remove.

Affected (6)

Products: Linux: Linux Kernel
1 product
Linux Kernel
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Linux
From 4.13 to 5.10.227
From 5.11 to 5.15.168
From 5.16 to 6.1.113
From 6.11 to 6.11.3
From 6.2 to 6.6.55
From 6.7 to 6.10.14

References (11)

Timeline

No history available yet.