Vulnerabilities > CVE-2024-38630 - Use After Free vulnerability in Linux Kernel
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger When the cpu5wdt module is removing, the origin code uses del_timer() to de-activate the timer. If the timer handler is running, del_timer() could not stop it and will return directly. If the port region is released by release_region() and then the timer handler cpu5wdt_trigger() calls outb() to write into the region that is released, the use-after-free bug will happen. Change del_timer() to timer_shutdown_sync() in order that the timer handler could be finished before the port region is released.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://git.kernel.org/stable/c/573601521277119f2e2ba5f28ae6e87fc594f4d4
- https://git.kernel.org/stable/c/9b1c063ffc075abf56f63e55d70b9778ff534314
- https://git.kernel.org/stable/c/f19686d616500cd0d47b30cee82392b53f7f784a
- https://git.kernel.org/stable/c/573601521277119f2e2ba5f28ae6e87fc594f4d4
- https://git.kernel.org/stable/c/f19686d616500cd0d47b30cee82392b53f7f784a
- https://git.kernel.org/stable/c/9b1c063ffc075abf56f63e55d70b9778ff534314