Description

In the Linux kernel, the following vulnerability has been resolved: ax25: fix use-after-free bugs caused by ax25_ds_del_timer When the ax25 device is detaching, the ax25_dev_device_down() calls ax25_ds_del_timer() to cleanup the slave_timer. When the timer handler is running, the ax25_ds_del_timer() that calls del_timer() in it will return directly. As a result, the use-after-free bugs could happen, one of the scenarios is shown below: (Thread 1) | (Thread 2) | ax25_ds_timeout() ax25_dev_device_down() | ax25_ds_del_timer() | del_timer() | ax25_dev_put() //FREE | | ax25_dev-> //USE In order to mitigate bugs, when the device is detaching, use timer_shutdown_sync() to stop the timer.

INFO

Published Date :

2024-05-19T08:34:43.507Z

Last Modified :

2025-05-04T09:07:37.881Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-35887 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-35887.

URL Resource
https://git.kernel.org/stable/c/74204bf9050f7627aead9875fe4e07ba125cb19b cve-icon cve-icon
https://git.kernel.org/stable/c/c6a368f9c7af4c14b14d390c2543af8001c9bdb9 cve-icon cve-icon
https://git.kernel.org/stable/c/fd819ad3ecf6f3c232a06b27423ce9ed8c20da89 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024051947-CVE-2024-35887-9c08@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-35887 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-35887 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact