CVE-2024-27021

critical

Description

In the Linux kernel, the following vulnerability has been resolved: r8169: fix LED-related deadlock on module removal Binding devm_led_classdev_register() to the netdev is problematic because on module removal we get a RTNL-related deadlock. Fix this by avoiding the device-managed LED functions. Note: We can safely call led_classdev_unregister() for a LED even if registering it failed, because led_classdev_unregister() detects this and is a no-op in this case.

References

https://git.kernel.org/stable/c/53d986f39acd8ea11c9e460732bfa5add66360d9

https://git.kernel.org/stable/c/19fa4f2a85d777a8052e869c1b892a2f7556569d

Details

Source: Mitre, NVD

Published: 2024-05-01

Updated: 2024-05-13

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Severity: Critical

Detections

Analytics