CVE-2024-45007

Triggered by a kref decrement, destroy_workqueue() may be called from within a work item for destroying its own workqueue. This illegal situation is averted by adding a module-global workqueue for exclusive use of the offending work item. Other work items continue to be queued on per-device workqueues to ensure performance.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/45xxx/CVE-2024-45007.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

a53d1202aef122894b6e46116a92174a9123db5d

Fixed

409b495f8e3300d5fba08bc817fa8825dae48cc9

Fixed

5d3567caff2a1d678aa40cc74a54e1318941fad3

Fixed

a7ad105b12256ec7fb6d6d1a0e2e60f00b7da157

Fixed

aa1a19724fa2c31e97a9be48baedd4692b265157

Fixed

ccbde4b128ef9c73d14d0d7817d68ef795f6d131

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-45007.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.14.0

Fixed

5.15.166

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.107

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.48

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.10.7

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-45007.json"