CVE-2024-46762

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-46762

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-46762.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-46762

Downstream

BELL-CVE-2024-46762

DEBIAN-CVE-2024-46762

ECHO-afdc-55ed-5899

OESA-2025-1036

UBUNTU-CVE-2024-46762

USN-7154-1

USN-7154-2

USN-7155-1

USN-7156-1

USN-7196-1

Related

Published

2024-09-18T08:15:04Z

Modified

2025-08-09T20:01:25Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

xen: privcmd: Fix possible access to a freed kirqfd instance

Nothing prevents simultaneous ioctl calls to privcmdirqfdassign() and privcmdirqfddeassign(). If that happens, it is possible that a kirqfd created and added to the irqfdslist by privcmdirqfdassign() may get removed by another thread executing privcmdirqfd_deassign(), while the former is still using it after dropping the locks.

This can lead to a situation where an already freed kirqfd instance may be accessed and cause kernel oops.

Use SRCU locking to prevent the same, as is done for the KVM implementation for irqfds.

References

Affected packages