Metrics
Affected Vendors & Products
Fri, 08 Nov 2024 16:00:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| References |  | 
Fri, 25 Oct 2024 15:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Linux Linux linux Kernel | |
| Weaknesses | CWE-362 CWE-416 | |
| CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
| Vendors & Products | Linux Linux linux Kernel | |
| Metrics | cvssV3_1 
 | cvssV3_1 
 | 
Tue, 22 Oct 2024 14:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
Tue, 22 Oct 2024 13:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| References |  | |
| Metrics | threat_severity 
 | cvssV3_1 
 
 | 
Mon, 21 Oct 2024 18:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free bug in venus_remove due to race condition in venus_probe, core->work is bound with venus_sys_error_handler, which is used to handle error. The code use core->sys_err_done to make sync work. The core->work is started in venus_event_notify. If we call venus_remove, there might be an unfished work. The possible sequence is as follows: CPU0 CPU1 |venus_sys_error_handler venus_remove | hfi_destroy | venus_hfi_destroy | kfree(hdev); | |hfi_reinit |venus_hfi_queues_reinit |//use hdev Fix it by canceling the work in venus_remove. | |
| Title | media: venus: fix use after free bug in venus_remove due to race condition | |
| References |  | 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: Linux
Published: 2024-10-21T18:02:27.142Z
Updated: 2025-05-04T09:42:57.046Z
Reserved: 2024-10-21T12:17:06.052Z
Link: CVE-2024-49981
 Vulnrichment
                        Vulnrichment
                    Updated: 2024-10-22T13:32:33.434Z
 NVD
                        NVD
                    Status : Modified
Published: 2024-10-21T18:15:18.670
Modified: 2024-11-08T16:15:39.567
Link: CVE-2024-49981
 Redhat
                        Redhat