CVE-2024-39493
UNKNOWN
Published 2024-07-10T07:18:39.443Z
Actions:
No CVSS data available
Description
In the Linux kernel, the following vulnerability has been resolved:
crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak
Using completion_done to determine whether the caller has gone
away only works after a complete call. Furthermore it's still
possible that the caller has not yet called wait_for_completion,
resulting in another potential UAF.
Fix this by making the caller use cancel_work_sync and then freeing
the memory safely.
Available Exploits
No exploits available for this CVE.
Related News
No news articles found for this CVE.
Affected Products
Affected Versions:
daba62d9eeddcc5b1081be7d348ca836c83c59d7
8e81cd58aee14a470891733181a47d123193ba81
d03092550f526a79cf1ade7f0dfa74906f39eb71
4ae5a97781ce7d6ecc9c7055396535815b64ca4f
226fc408c5fcd23cc4186f05ea3a09a7a9aef2f7
8a5a7611ccc7b1fba8d933a9f22a2e76859d94dc
7d42e097607c4d246d99225bf2b195b6167a210c
7d42e097607c4d246d99225bf2b195b6167a210c
0c2cf5142bfb634c0ef0a1a69cdf37950747d0be
bb279ead42263e9fb09480f02a4247b2c287d828
References
Published: 2024-07-10T07:18:39.443Z
Last Modified: 2025-05-04T12:57:04.627Z
Copied to clipboard!