Description

In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: Add cancel_work_sync before module remove If we remove the module which will call mpc52xx_spi_remove it will free 'ms' through spi_unregister_controller. while the work ms->work will be used. The sequence of operations that may lead to a UAF bug. Fix it by ensuring that the work is canceled before proceeding with the cleanup in mpc52xx_spi_remove.

INFO

Published Date :

2025-01-11T12:25:20.277Z

Last Modified :

2025-11-03T20:43:19.203Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-50051 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-50051.

URL Resource
https://git.kernel.org/stable/c/373d55a47dc662e5e30d12ad5d334312f757c1f1 cve-icon cve-icon
https://git.kernel.org/stable/c/90b72189de2cddacb26250579da0510b29a8b82b cve-icon cve-icon
https://git.kernel.org/stable/c/984836621aad98802d92c4a3047114cf518074c8 cve-icon cve-icon
https://git.kernel.org/stable/c/cd5106c77d6d6828aa82449f01f4eb436d602a21 cve-icon cve-icon
https://git.kernel.org/stable/c/d0cde3911cf24e1bcdd4caa1d1b9ef57589db5a1 cve-icon cve-icon
https://git.kernel.org/stable/c/e0c6ce8424095c2da32a063d3fc027494c689817 cve-icon cve-icon
https://git.kernel.org/stable/c/f65d85bc1ffd8a2c194bb2cd65e35ed3648ddd59 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html cve-icon
https://lore.kernel.org/linux-cve-announce/2025011122-CVE-2024-50051-d822@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-50051 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-50051 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact