CVE-2024-57875

MEDIUM

Linux Kernel < 6.12.5 - Use-After-Free in Disk Zone Bitmap Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: block: RCU protect disk->conv_zones_bitmap Ensure that a disk revalidation changing the conventional zones bitmap of a disk does not cause invalid memory references when using the disk_zone_is_conv() helper by RCU protecting the disk->conv_zones_bitmap pointer. disk_zone_is_conv() is modified to operate under the RCU read lock and the function disk_set_conv_zones_bitmap() is added to update a disk conv_zones_bitmap pointer using rcu_replace_pointer() with the disk zone_wplugs_lock spinlock held. disk_free_zone_resources() is modified to call disk_update_zone_resources() with a NULL bitmap pointer to free the disk conv_zones_bitmap. disk_set_conv_zones_bitmap() is also used in disk_update_zone_resources() to set the new (revalidated) bitmap and free the old one.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/493326c4f10cc71a42c27fdc97ce112182ee4cbc

Patch

https://git.kernel.org/stable/c/d7cb6d7414ea1b33536fa6d11805cb8dceec1f97

Scores

CVSS v3 5.5

EPSS 0.0018

EPSS Percentile 7.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-416

Status published

Products (8)

linux/Kernel 6.10.0 - 6.12.5linux

Linux/Linux < 6.10

Linux/Linux 6.10

Linux/Linux 6.12.5 - 6.12.*

Linux/Linux 6.13

Linux/Linux dd291d77cc90eb6a86e9860ba8e6e38eebd57d12 - 493326c4f10cc71a42c27fdc97ce112182ee4cbc

Linux/Linux dd291d77cc90eb6a86e9860ba8e6e38eebd57d12 - d7cb6d7414ea1b33536fa6d11805cb8dceec1f97

linux/linux_kernel < 6.12.5

Published Jan 11, 2025

Tracked Since Feb 18, 2026