Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

GHSA-fpq3-4hc6-6rvg

GitHub Security Advisory

⚠ Unreviewed HIGH Has CVE

Advisory Details

In the Linux kernel, the following vulnerability has been resolved:

watchdog: Fix possible use-after-free in wdt_startup()

This module's remove path calls del_timer(). However, that function
does not wait until the timer handler finishes. This means that the
timer handler may still be running after the driver's remove function
has finished, which would result in a use-after-free.

Fix by calling del_timer_sync(), which makes sure the timer handler
has finished, and unable to re-schedule itself.

Related CVEs

CVE-2021-47324

Key Information

GHSA ID

GHSA-fpq3-4hc6-6rvg

Published

May 21, 2024 3:31 PM

Last Modified

July 3, 2024 6:42 PM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 12, 2025 6:24 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.