DEBIAN-CVE-2024-38385

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2024-38385
Import Source
https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2024-38385.json
JSON Data
https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2024-38385
Upstream
Published
2024-06-25T15:15:13Z
Modified
2025-09-19T06:08:21Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved: genirq/irqdesc: Prevent use-after-free in irqfindatorafter() irqfindatorafter() dereferences the interrupt descriptor which is returned by mtfind() while neither holding sparseirqlock nor RCU read lock, which means the descriptor can be freed between mtfind() and the dereference: CPU0 CPU1 desc = mtfind() delayedfreedesc(desc) irqdescgetirq(desc) The use-after-free is reported by KASAN: Call trace: irqgetnextirq+0x58/0x84 showstat+0x638/0x824 seqreaditer+0x158/0x4ec procregreaditer+0x94/0x12c vfsread+0x1e0/0x2c8 Freed by task 4471: slabfreefreelisthook+0x174/0x1e0 _kmemcachefree+0xa4/0x1dc kfree+0x64/0x128 irqkobjrelease+0x28/0x3c kobjectput+0xcc/0x1e0 delayedfreedesc+0x14/0x2c rcudo_batch+0x214/0x720 Guard the access with a RCU read lock section.

References

Affected packages

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.9.7-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.9.7-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}