Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Linux Distros Unpatched Vulnerability : CVE-2024-44952

🗓️ 05 Mar 2025 00:00:00Reported by This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.Type 
nessus
 nessus🔗 www.tenable.com👁 5 Views

Linux hosts have unpatched vulnerabilities related to driver core deadlocks in the kernel.

Related
Refs
Code
ReporterTitlePublishedViews
Family
CBLMariner		CVE-2024-44952 affecting package kernel for versions less than 5.15.167.1-1
12 Oct 202402:07
cbl_mariner
Circl		CVE-2024-44952
4 Sep 202421:56
circl
CNNVD		编号撤回
4 Sep 202400:00
cnnvd
CVE		CVE-2024-44952
4 Sep 202418:35
cve
Cvelist		CVE-2024-44952
4 Sep 202418:35
cvelist
Debian		[SECURITY] [DLA 3912-1] linux security update
7 Oct 202418:20
debian
Debian CVE		CVE-2024-44952
4 Sep 202418:35
debiancve
Tenable Nessus		Debian dla-3912 : ata-modules-5.10.0-29-armmp-di - security update
7 Oct 202400:00
nessus
Tenable Nessus		EulerOS 2.0 SP9 : kernel (EulerOS-SA-2025-1040)
14 Jan 202500:00
nessus
Tenable Nessus		CBL Mariner 2.0 Security Update: kernel (CVE-2024-44952)
13 Oct 202400:00
nessus
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(228850);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/03/05");

  script_cve_id("CVE-2024-44952");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2024-44952");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - In the Linux kernel, the following vulnerability has been resolved: driver core: Fix uevent_show() vs
    driver detach race uevent_show() wants to de-reference dev->driver->name. There is no clean way for a
    device attribute to de-reference dev->driver unless that attribute is defined via (struct
    device_driver).dev_groups. Instead, the anti-pattern of taking the device_lock() in the attribute handler
    risks deadlocks with code paths that remove device attributes while holding the lock. This deadlock is
    typically invisible to lockdep given the device_lock() is marked lockdep_set_novalidate_class(), but some
    subsystems allocate a local lockdep key for @dev->mutex to reveal reports of the form:
    ====================================================== WARNING: possible circular locking dependency
    detected 6.10.0-rc7+ #275 Tainted: G OE N ------------------------------------------------------
    modprobe/2374 is trying to acquire lock: ffff8c2270070de0 (kn->active#6){++++}-{0:0}, at:
    __kernfs_remove+0xde/0x220 but task is already holding lock: ffff8c22016e88f8 (&cxl_root_key){+.+.}-{3:3},
    at: device_release_driver_internal+0x39/0x210 which lock already depends on the new lock. the existing
    dependency chain (in reverse order) is: -> #1 (&cxl_root_key){+.+.}-{3:3}: __mutex_lock+0x99/0xc30
    uevent_show+0xac/0x130 dev_attr_show+0x18/0x40 sysfs_kf_seq_show+0xac/0xf0 seq_read_iter+0x110/0x450
    vfs_read+0x25b/0x340 ksys_read+0x67/0xf0 do_syscall_64+0x75/0x190 entry_SYSCALL_64_after_hwframe+0x76/0x7e
    -> #0 (kn->active#6){++++}-{0:0}: __lock_acquire+0x121a/0x1fa0 lock_acquire+0xd6/0x2e0
    kernfs_drain+0x1e9/0x200 __kernfs_remove+0xde/0x220 kernfs_remove_by_name_ns+0x5e/0xa0
    device_del+0x168/0x410 device_unregister+0x13/0x60 devres_release_all+0xb8/0x110
    device_unbind_cleanup+0xe/0x70 device_release_driver_internal+0x1c7/0x210 driver_detach+0x47/0x90
    bus_remove_driver+0x6c/0xf0 cxl_acpi_exit+0xc/0x11 [cxl_acpi] __do_sys_delete_module.isra.0+0x181/0x260
    do_syscall_64+0x75/0x190 entry_SYSCALL_64_after_hwframe+0x76/0x7e The observation though is that driver
    objects are typically much longer lived than device objects. It is reasonable to perform lockless de-
    reference of a @driver pointer even if it is racing detach from a device. Given the infrequency of driver
    unregistration, use synchronize_rcu() in module_remove_driver() to close any potential races. It is
    potentially overkill to suffer synchronize_rcu() just to handle the rare module removal racing
    uevent_show() event. Thanks to Tetsuo Handa for the debug analysis of the syzbot report [1].
    (CVE-2024-44952)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-44952");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/09/04");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/03/05");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched");
  script_require_ports("Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}
include('vdf.inc');

# @tvdl-content
var vuln_data = {
 "metadata": {
  "spec_version": "1.0p"
 },
 "requires": [
  {
   "scope": "scan_config",
   "match": {
    "vendor_unpatched": true
   }
  },
  {
   "scope": "target",
   "match": {
    "os": "linux"
   }
  }
 ],
 "report": {
  "report_type": "unpatched"
 },
 "checks": [
  {
   "product": {
    "name": [
     "kernel",
     "kernel-rt"
    ],
    "type": "rpm_package"
   },
   "check_algorithm": "rpm",
   "constraints": [
    {
     "requires": [
      {
       "scope": "target",
       "match": {
        "distro": "redhat"
       }
      },
      {
       "scope": "target",
       "match_one": {
        "os_version": [
         "8",
         "9"
        ]
       }
      }
     ]
    }
   ]
  }
 ]
};

var vdf_res = vdf::check_and_report(vuln_data:vuln_data, severity:SECURITY_WARNING);
vdf::handle_check_and_report_errors(vdf_result: vdf_res);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
05 Mar 2025 00:00Current
6.9Medium risk
Vulners AI Score6.9
linux kernel vulnerabilityunpatched vulnerabilitiesdriver coredevice locking issueskernel deadlocks
5