CVE-2024-38561

high

Description

In the Linux kernel, the following vulnerability has been resolved: kunit: Fix kthread reference There is a race condition when a kthread finishes after the deadline and before the call to kthread_stop(), which may lead to use after free.

References

https://git.kernel.org/stable/c/f8aa1b98ce40184521ed95ec26cc115a255183b2

https://git.kernel.org/stable/c/b0b755cb5a5e0d7168c3ab1b3814b0d3cad9f017

https://git.kernel.org/stable/c/8f5c841a559ccb700c8d27a3ca645b7a5f59b4f5

https://git.kernel.org/stable/c/1f2ebd3758e1cef6a1f998a1f7ea73310dcb1699

https://git.kernel.org/stable/c/1ec7ccb4cd4b6f72c2998b07880fa7aaf8dfe1d4

Details

Source: Mitre, NVD

Published: 2024-06-19

Updated: 2024-08-30

Risk Information

CVSS v2

Base Score: 6

Vector: CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.0009

Detections

Analytics