216.73.217.19

CVE-2024-39493

· Published 10/07/2024 08:15 · Modified 10/07/2024 08:15

Labels: CVE-2024-39493 2024-07-10416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2024-39493

Essential information

Published
10/07/2024 08:15
Modified
10/07/2024 08:15
Author
Creator
CISA KEV
No
CWE

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak Using completion_done to determine whether the caller has gone away only works after a complete call. Furthermore it's still possible that the caller has not yet called wait_for_completion, resulting in another potential UAF. Fix this by making the caller use cancel_work_sync and then freeing the memory safely.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD
View on NVD

References