CVE-2024-53181

Source
https://cve.org/CVERecord?id=CVE-2024-53181
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-53181.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-53181
Downstream
Related
Published
2024-12-27T13:49:24.919Z
Modified
2026-05-18T05:56:10.910863683Z
Summary
um: vector: Do not use drvdata in release
Details

In the Linux kernel, the following vulnerability has been resolved:

um: vector: Do not use drvdata in release

The drvdata is not available in release. Let's just use container_of() to get the vector_device instance. Otherwise, removing a vector device will result in a crash:

RIP: 0033:vector_device_release+0xf/0x50
RSP: 00000000e187bc40 EFLAGS: 00010202
RAX: 0000000060028f61 RBX: 00000000600f1baf RCX: 00000000620074e0
RDX: 000000006220b9c0 RSI: 0000000060551c80 RDI: 0000000000000000
RBP: 00000000e187bc50 R08: 00000000603ad594 R09: 00000000e187bb70
R10: 000000000000135a R11: 00000000603ad422 R12: 00000000623ae028
R13: 000000006287a200 R14: 0000000062006d30 R15: 00000000623700b6
Kernel panic - not syncing: Segfault with no mm
CPU: 0 UID: 0 PID: 16 Comm: kworker/0:1 Not tainted 6.12.0-rc6-g59b723cd2adb #1
Workqueue: events mc_work_proc
Stack:
 60028f61 623ae028 e187bc80 60276fcd
 6220b9c0 603f5820 623ae028 00000000
 e187bcb0 603a2bcd 623ae000 62370010
Call Trace:
 [<60028f61>] ? vector_device_release+0x0/0x50
 [<60276fcd>] device_release+0x70/0xba
 [<603a2bcd>] kobject_put+0xba/0xe7
 [<60277265>] put_device+0x19/0x1c
 [<60281266>] platform_device_put+0x26/0x29
 [<60281e5f>] platform_device_unregister+0x2c/0x2e
 [<60029422>] vector_remove+0x52/0x58
 [<60031316>] ? mconsole_reply+0x0/0x50
 [<600310c8>] mconsole_remove+0x160/0x1cc
 [<603b19f4>] ? strlen+0x0/0x15
 [<60066611>] ? __dequeue_entity+0x1a9/0x206
 [<600666a7>] ? set_next_entity+0x39/0x63
 [<6006666e>] ? set_next_entity+0x0/0x63
 [<60038fa6>] ? um_set_signals+0x0/0x43
 [<6003070c>] mc_work_proc+0x77/0x91
 [<60057664>] process_scheduled_works+0x1b3/0x2dd
 [<60055f32>] ? assign_work+0x0/0x58
 [<60057f0a>] worker_thread+0x1e9/0x293
 [<6005406f>] ? set_pf_worker+0x0/0x64
 [<6005d65d>] ? arch_local_irq_save+0x0/0x2d
 [<6005d748>] ? kthread_exit+0x0/0x3a
 [<60057d21>] ? worker_thread+0x0/0x293
 [<6005dbf1>] kthread+0x126/0x12b
 [<600219c5>] new_thread_handler+0x85/0xb6

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/53xxx/CVE-2024-53181.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
49da7e64f33e80edffb1a9eeb230fa4c3f42dffb
Fixed
8ed7793f6f589b4e1f0b38f8448578d2a48f9c82
Fixed
376c7f0beb8f6f3800fc3013ef2f422d0cbfbf92
Fixed
35f8f72b45791a6a71b81140c59d02a6183b6f3b
Fixed
bef9a2835011668c221851a7572b6c8433087f85
Fixed
dc5251b1af5c9a0749322bf58bd5aa673f545fe2
Fixed
8204dd589c4f25a7618eece5da3f0871e02af8ae
Fixed
e9d36f7e71a907ec507f84ee5d60a622c345cac4
Fixed
12f52e373d63f008ee386f371bdd82a3a3779199
Fixed
51b39d741970742a5c41136241a9c48ac607cf82

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-53181.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.17.0
Fixed
4.19.325
Type
ECOSYSTEM
Events
Introduced
4.20.0
Fixed
5.4.287
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.231
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.174
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.120
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.64
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.11.11
Type
ECOSYSTEM
Events
Introduced
6.12.0
Fixed
6.12.2

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-53181.json"