CVE-2024-27043

Updated: 2024-12-23 21:45:41.69491

Description:

In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed in several error-handling paths. However, *pdvbdev is not set to NULL after dvbdev's deallocation, causing use-after-frees in many places, for example, in the following call chain: budget_register |-> dvb_dmxdev_init |-> dvb_register_device |-> dvb_dmxdev_release |-> dvb_unregister_device |-> dvb_remove_device |-> dvb_device_put |-> kref_put When calling dvb_unregister_device, dmxdev->dvbdev (i.e. *pdvbdev in dvb_register_device) could point to memory that had been freed in dvb_register_device. Thereafter, this pointer is transferred to kref_put and triggering a use-after-free.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x HIGH 7.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU kernel 5.14.0 7.8 HIGH Released CLSA-2025:1738671431 2025-02-05 02:21:00
AlmaLinux 9.2 FIPS kernel 5.14.0 7.8 HIGH Released CLSA-2025:1738670922 2025-02-05 02:21:01
CentOS 6 ELS kernel 2.6.32 7.8 HIGH In Rollout CLSA-2025:1739292069 2025-02-12 06:38:09
CentOS 7 ELS kernel 3.10.0 7.8 HIGH Released CLSA-2025:1737468474 2025-02-04 02:17:32
CentOS 8.4 ELS kernel 4.18.0 7.8 HIGH In Testing CLSA-2025:1736778412 2025-02-01 23:55:13
CentOS 8.5 ELS kernel 4.18.0 7.8 HIGH In Testing CLSA-2025:1736778632 2025-02-11 00:36:55
CentOS Stream 8 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2025:1738592614 2025-02-04 02:18:08
CloudLinux 6 ELS kernel 2.6.32 7.8 HIGH Ignored 2025-01-10 22:41:34
CloudLinux 7 ELS kernel 3.10.0 7.8 HIGH Ignored 2025-01-10 22:41:33
Oracle Linux 6 ELS kernel 2.6.32 7.8 HIGH Released CLSA-2025:1739352814 2025-02-13 01:25:03
Total: 14