How severe is CVE-2024-50059?

This vulnerability has a severity rating of HIGH with a CVSS score of 7 out of 10.

What type of vulnerability is CVE-2024-50059?

This is classified as CWE-416, which is a common weakness in software security.

CVE-2024-50059 - HIGH Severity | CVSS 7

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition In the switchtec_ntb_add function, it can call switchtec_ntb_init_sndev function, then &sndev->check_link_status_work is bound with check_link_status_work. switchtec_ntb_link_notification may be called to start the work. If we remove the module which will call switchtec_ntb_remove to make cleanup, it will free sndev through kfree(sndev), while the work mentioned above will be used. The sequence of operations that may lead to a UAF bug is as follows: CPU0 CPU1 | check_link_status_work switchtec_ntb_remove | kfree(sndev); | | if (sndev->link_force_down) | // use sndev Fix it by ensuring that the work is canceled before proceeding with the cleanup in switchtec_ntb_remove.

Related Vulnerabilities

CVE-2014-9940

HIGH

CVSS:7.0(High)

The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted appli...

CWE-4162014

CVE-2016-10088

HIGH

CVSS:7.0(High)

The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrar...

CWE-4162016

CVE-2017-10661

HIGH

CVSS:7.0(High)

Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descripto...

CWE-4162017

CVE-2017-17053

HIGH

CVSS:7.0(High)

The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a...

CWE-4162017

CVE-2017-18153

HIGH

CVSS:7.0(High)

A race condition exists in a driver potentially leading to a use-after-free condition.

CWE-4162017

CVE-2017-18202

HIGH

CVSS:7.0(High)

The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service (TLB entry leak or use-after-free) ...

CWE-4162017