CVE-2024-42112

HIGH

Linux Kernel 6.8.12-6.9 - Use-After-Free in txgbe ISB Resource Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: free isb resources at the right time When using MSI/INTx interrupt, the shared interrupts are still being handled in the device remove routine, before free IRQs. So isb memory is still read after it is freed. Thus move wx_free_isb_resources() from txgbe_close() to txgbe_remove(). And fix the improper isb free action in txgbe_open() error handling path.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/efdc3f54299835ddef23bea651c753c4d467010b

Patch

https://git.kernel.org/stable/c/935124dd5883b5de68dc5a94f582480a10643dc9

Scores

CVSS v3 7.8

EPSS 0.0023

EPSS Percentile 14.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-416

Status published

Products (10)

Linux/Linux < 6.9

Linux/Linux 6.10

Linux/Linux 6.8.12 - 6.9

Linux/Linux 6.9

Linux/Linux 6.9.9 - 6.9.*

Linux/Linux aefd013624a10f39b0bfaee8432a235128705380 - 935124dd5883b5de68dc5a94f582480a10643dc9

Linux/Linux aefd013624a10f39b0bfaee8432a235128705380 - efdc3f54299835ddef23bea651c753c4d467010b

Linux/Linux ffe8a87463c8bb885c42ed54540d06ed041e76dc

linux/linux_kernel 6.10 rc1 (6 CPE variants)

linux/linux_kernel 6.8.12 - 6.9

Published Jul 30, 2024

Tracked Since Feb 18, 2026