CVE-2024-45007

Updated:

Description:

In the Linux kernel, the following vulnerability has been resolved: char: xillybus: Don't destroy workqueue from work item running on it Triggered by a kref decrement, destroy_workqueue() may be called from within a work item for destroying its own workqueue. This illegal situation is averted by adding a module-global workqueue for exclusive use of the offending work item. Other work items continue to be queued on per-device workqueues to ensure performance.

CVSS3: 5.5


Vendor State

OS Vendor version Errata
Ubuntu 22.04 5.15.0-125.135 USN-7100-1
Ubuntu 22.04 AWS 5.15.0-1072.78 USN-7100-2
Ubuntu 22.04 Azure 5.15.0-1075.84 USN-7123-1
Ubuntu 20.04 HWE AWS 5.15.0-1072.78~20.04.1 USN-7100-1
Oracle Linux 9 UEK 7 5.15.0-302.167.6.el9uek ELSA-2024-12815
Oracle Linux 8 UEK 7 5.15.0-302.167.6.el8uek ELSA-2024-12815
Debian 12 6.1.112-1 DSA-5782-1
Ubuntu 24.04 6.8.0-50.51 USN-7154-1

KernelCare State

OS Original kernel version State
Ubuntu 22.04
Planned
Ubuntu 22.04 AWS
Planned
Ubuntu 22.04 Azure
Planned
Ubuntu 20.04 HWE AWS
Planned
Oracle Linux 9 UEK 7
Planned
Oracle Linux 8 UEK 7
Planned
Debian 12
Planned
Ubuntu 24.04
Planned