CVE-2024-41149

{"id": "CVE-2024-41149", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2025-01-11T13:15:19.973", "references": [{"url": "https://git.kernel.org/stable/c/85672ca9ceeaa1dcf2777a7048af5f4aee3fd02b", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b5792c162dcf6197bf3d2de2be6c8169435b73d0", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ee18012c80155f6809522804099621070c69ec72", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-416"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid to reuse `hctx` not removed from cpuhp callback list\n\nIf the 'hctx' isn't removed from cpuhp callback list, we can't reuse it,\notherwise use-after-free may be triggered."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bloque: evitar reutilizar `hctx` no eliminado de la lista de devoluci\u00f3n de llamadas de cpuhp Si 'hctx' no se elimina de la lista de devoluci\u00f3n de llamadas de cpuhp, no podemos reutilizarlo, de lo contrario, se puede activar el use after free."}], "lastModified": "2025-03-24T17:31:18.310", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:6.12.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C169004B-AF0C-4A52-A1D2-A5E9CB2B9F9D"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE491969-75AE-4A6B-9A58-8FC5AF98798F"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}