Description

In the Linux kernel, the following vulnerability has been resolved: thermal: core: Reference count the zone in thermal_zone_get_by_id() There are places in the thermal netlink code where nothing prevents the thermal zone object from going away while being accessed after it has been returned by thermal_zone_get_by_id(). To address this, make thermal_zone_get_by_id() get a reference on the thermal zone device object to be returned with the help of get_device(), under thermal_list_lock, and adjust all of its callers to this change with the help of the cleanup.h infrastructure.

INFO

Published Date :

2024-10-21T19:39:31.809Z

Last Modified :

2025-05-04T09:44:09.971Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-50028 vulnerability.

Vendors Products
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-50028.

URL Resource
https://git.kernel.org/stable/c/a42a5839f400e929c489bb1b58f54596c4535167 cve-icon cve-icon
https://git.kernel.org/stable/c/c95538b286efc6109c987e97a051bc7844ede802 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024102130-CVE-2024-50028-5655@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-50028 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-50028 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact