Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vulnrichmentLinuxVULNRICHMENT:CVE-2024-40956
HistoryJul 12, 2024 - 12:31 p.m.

CVE-2024-40956 dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list

2024-07-1212:31:59
Linux
github.com
2
linux kernel
dmaengine
use-after-free

AI Score

6.6

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list

Use list_for_each_entry_safe() to allow iterating through the list and
deleting the entry in the iteration process. The descriptor is freed via
idxd_desc_complete() and there’s a slight chance may cause issue for
the list iterator when the descriptor is reused by another thread
without it being deleted from the list.

Related

redhatcve 1
cve 1
debiancve 1
cvelist 1
ubuntucve 1
osv 10
nvd 1
nessus 18
redhat 3
openvas 10
oraclelinux 1
redhatcve
redhatcve
CVE-2024-40956
2024-07-16 16:56:47
cve
cve
CVE-2024-40956
2024-07-12 13:15:17
debiancve
debiancve
CVE-2024-40956
2024-07-12 13:15:17
cvelist
cvelist
CVE-2024-40956 dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list
2024-07-12 12:31:59
ubuntucve
ubuntucve
CVE-2024-40956
2024-07-12 00:00:00
osv
osv
CVE-2024-40956
2024-07-12 13:15:00
linux - security update
2024-07-16 00:00:00
linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-nvidia, linux-oracle, linux-raspi vulnerabilities
2024-09-13 09:38:11
nvd
nvd
CVE-2024-40956
2024-07-12 13:15:17
nessus
nessus
RHEL 9 : kernel-rt (RHSA-2024:6268)
2024-09-04 00:00:00
RHEL 9 : kernel (RHSA-2024:6267)
2024-09-04 00:00:00
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2948-1)
2024-08-17 00:00:00
redhat
redhat
(RHSA-2024:6267) Moderate: kernel security update
2024-09-04 00:06:41
(RHSA-2024:6268) Moderate: kernel-rt security update
2024-09-04 00:06:53
(RHSA-2024:6406) Important: OpenShift Container Platform 4.14.36 security update
2024-09-11 18:29:32
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:2948-1)
2024-08-20 00:00:00
Debian: Security Advisory (DSA-5731-1)
2024-07-17 00:00:00
Ubuntu: Security Advisory (USN-7004-1)
2024-09-13 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2024-09-12 00:00:00

AI Score

6.6

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON
Related for VULNRICHMENT:CVE-2024-40956
redhatcve1cve1debiancve1cvelist1ubuntucve1osv10nvd1nessus18redhat3openvas10oraclelinux1