vulnerability

Red Hat: CVE-2024-0562: kernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.c (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:S/C:C/I:C/A:C)	Jan 15, 2024	Jan 26, 2024	Mar 13, 2024

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:C/A:C)

Published

Jan 15, 2024

Added

Jan 26, 2024

Modified

Mar 13, 2024

Description

A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdi_unregister is called to stop further write-back and waits for associated delayed work to complete. However, wb_inode_writeback_end() may schedule bandwidth estimation work after this has completed, which can result in the timer attempting to access the recently freed bdi_writeback.

Solution

redhat-upgrade-kernel

References

NVD-CVE-2024-0562
REDHAT-RHSA-2024:0412

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today