CVE-2024-50005

Published Oct 21, 2024

Last updated 10 days ago

CVSS high 7.8

Overview

Description
In the Linux kernel, the following vulnerability has been resolved: mac802154: Fix potential RCU dereference issue in mac802154_scan_worker In the `mac802154_scan_worker` function, the `scan_req->type` field was accessed after the RCU read-side critical section was unlocked. According to RCU usage rules, this is illegal and can lead to unpredictable behavior, such as accessing memory that has been updated or causing use-after-free issues. This possible bug was identified using a static analysis tool developed by myself, specifically designed to detect RCU-related issues. To address this, the `scan_req->type` value is now stored in a local variable `scan_req_type` while still within the RCU read-side critical section. The `scan_req_type` is then used after the RCU lock is released, ensuring that the type value is safely accessed without violating RCU rules.
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

nvd@nist.gov
CWE-416

Social media

Hype score
Not currently trending

  1. CVE-2024-50005 In the Linux kernel, the following vulnerability has been resolved: mac802154: Fix potential RCU dereference issue in mac802154_scan_worker In the `mac802154_scan_w… https://t.co/yNNLj1uy6y

    @CVEnew

    23 Oct 2024

    131 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2024-50005 Linux Kernel RCU Dereference Fix in mac802154_scan_worker In the Linux kernel, a vulnerability in the `mac802154_scan_worker` function has been fixed. The problem was that the `scan_req->type` was ... https://t.co/miBHe7w4Xp

    @VulmonFeeds

    21 Oct 2024

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References