ax25: fix use-after-free bugs caused by ax25_ds_del_timer
When the ax25 device is detaching, the ax25_dev_device_down()
calls ax25_ds_del_timer() to cleanup the slave_timer. When
the timer handler is running, the ax25_ds_del_timer() that
calls del_timer() in it will return directly. As a result,
the use-after-free bugs could happen, one of the scenarios
is shown below:
(Thread 1) | (Thread 2)
| ax25_ds_timeout()
ax25_dev_device_down() |
ax25_ds_del_timer() |
del_timer() |
ax25_dev_put() //FREE |
| ax25_dev-> //USE
In order to mitigate bugs, when the device is detaching, use
timer_shutdown_sync() to stop the timer.
Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Linux | Linux | unaffected |
|
||||||||||||||||||
| Linux | Linux | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 Ubuntu USN |
USN-6893-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-6893-2 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-6893-3 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-6918-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7288-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7288-2 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7289-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7289-2 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7289-3 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7289-4 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7291-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7293-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7294-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7294-2 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7294-3 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7294-4 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7295-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7305-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7308-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7331-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7388-1 | Linux kernel vulnerabilities |
| Ubuntu USN |
USN-7389-1 | Linux kernel (NVIDIA Tegra) vulnerabilities |
| Ubuntu USN |
USN-7390-1 | Linux kernel (Xilinx ZynqMP) vulnerabilities |
| Ubuntu USN |
USN-7393-1 | Linux kernel (FIPS) vulnerabilities |
| Ubuntu USN |
USN-7401-1 | Linux kernel (AWS) vulnerabilities |
| Ubuntu USN |
USN-7413-1 | Linux kernel (IoT) vulnerabilities |
| Ubuntu USN |
USN-7458-1 | Linux kernel (IBM) vulnerabilities |
| Ubuntu USN |
USN-7539-1 | Linux kernel (Raspberry Pi) vulnerabilities |
| Ubuntu USN |
USN-7540-1 | Linux kernel (Raspberry Pi) vulnerabilities |
Tue, 31 Dec 2024 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Linux
Linux linux Kernel |
|
| Weaknesses | CWE-416 | |
| CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:* |
|
| Vendors & Products |
Linux
Linux linux Kernel |
|
| Metrics |
cvssV3_1
|
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published:
Updated: 2026-05-11T20:13:09.860Z
Reserved: 2024-05-17T13:50:33.112Z
Link: CVE-2024-35887
Vulnrichment
Updated: 2024-08-02T03:21:48.634Z
NVD
Status : Analyzed
Published: 2024-05-19T09:15:09.837
Modified: 2024-12-31T18:48:10.650
Link: CVE-2024-35887
Redhat
OpenCVE Enrichment
No data.