CVE-2024-53064
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Nov 19, 2024
Updated: Nov 25, 2024
CWE ID 476
Summary
CVE-2024-53064 is a vulnerability affecting the Linux kernel. During a reboot, the idpf driver may release all resources and wait for the device control plane to start. If the control plane is not yet running at this time, the driver may timeout and attempt to re-establish the mailbox connection. However, the mailbox workqueue remains active, leading to null-pointer dereference when accessing the released control queue. This issue has been resolved by unrolling the work queue cancellation and mailbox deinitialization in reverse order.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Linux Kernel
Affected Vendors
- LINUX