Vulnerability Details : CVE-2024-50127
In the Linux kernel, the following vulnerability has been resolved:
net: sched: fix use-after-free in taprio_change()
In 'taprio_change()', 'admin' pointer may become dangling due to sched
switch / removal caused by 'advance_sched()', and critical section
protected by 'q->current_entry_lock' is too small to prevent from such
a scenario (which causes use-after-free detected by KASAN). Fix this
by prefer 'rcu_replace_pointer()' over 'rcu_assign_pointer()' to update
'admin' immediately before an attempt to schedule freeing.
Vulnerability category: Memory Corruption
Products affected by CVE-2024-50127
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2024-50127
0.03%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 8 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2024-50127
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2024-12-11 |
|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST | 2024-11-08 |
CWE ids for CVE-2024-50127
-
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.Assigned by:
- 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2024-50127
-
https://git.kernel.org/stable/c/2f868ce6013548a713c431c679ef73747a66fcf3
net: sched: fix use-after-free in taprio_change() - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/fe371f084073e8672a2d7d46b335c3c060d1e301
net: sched: fix use-after-free in taprio_change() - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/2240f9376f20f8b6463232b4ca7292569217237f
net: sched: fix use-after-free in taprio_change() - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/999612996df28d81f163dad530d7f8026e03aec6
net: sched: fix use-after-free in taprio_change() - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/8a283a19026aaae8a773fd8061263cfa315b127f
net: sched: fix use-after-free in taprio_change() - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/0d4c0d2844e4eac3aed647f948fd7e60eea56a61
net: sched: fix use-after-free in taprio_change() - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/f504465970aebb2467da548f7c1efbbf36d0f44b
net: sched: fix use-after-free in taprio_change() - kernel/git/stable/linux.git - Linux kernel stable treePatch
Jump to