CVE-2024-27030

MEDIUM

Linux kernel - Use After Free

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Use separate handlers for interrupts For PF to AF interrupt vector and VF to AF vector same interrupt handler is registered which is causing race condition. When two interrupts are raised to two CPUs at same time then two cores serve same event corrupting the data.

References (9)

[Patch] https://git.kernel.org/stable/c/29d2550d79a8cbd31e0fbaa5c0e2a2efdc444e44

[Patch] https://git.kernel.org/stable/c/4fedae8f9eafa2ac8cdaca58e315f52a7e2a8701

[Patch] https://git.kernel.org/stable/c/50e60de381c342008c0956fd762e1c26408f372c

[Patch] https://git.kernel.org/stable/c/766c2627acb2d9d1722cce2e24837044d52d888a

[Patch] https://git.kernel.org/stable/c/772f18ded0e240cc1fa2b7020cc640e3e5c32b70

[Patch] https://git.kernel.org/stable/c/94cb17e5cf3a3c484063abc0ce4b8a2b2e8c1cb2

[Patch] https://git.kernel.org/stable/c/ad6759e233db6fcc131055f8e23b4eafbe81053c

[Patch] https://git.kernel.org/stable/c/dc29dd00705a62c77de75b6d752259b869aac49d

[Mailing List, Third Party Advisory] https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Scores

CVSS v3 6.3

EPSS 0.0001

EPSS Percentile 0.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H

Classification

CWE

CWE-362

Status published

Affected Products (9)

linux/linux_kernel < 5.4.273

debian/debian_linux

linux/Kernel < 5.4.273linux

linux/Kernel < 5.10.214linux

linux/Kernel < 5.15.153linux

linux/Kernel < 6.1.83linux

linux/Kernel < 6.6.23linux

linux/Kernel < 6.7.11linux

linux/Kernel < 6.8.2linux

Timeline

Published May 01, 2024

Tracked Since Feb 18, 2026