{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-41149", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-01-11T12:33:33.672Z", "datePublished": "2025-01-11T12:35:33.428Z", "dateUpdated": "2025-02-11T15:45:20.309Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-01-20T06:18:56.383Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid to reuse `hctx` not removed from cpuhp callback list\n\nIf the 'hctx' isn't removed from cpuhp callback list, we can't reuse it,\notherwise use-after-free may be triggered."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["block/blk-mq.c"], "versions": [{"version": "58bf93580fec30d84a46be41171c5fad98b5cc70", "lessThan": "ee18012c80155f6809522804099621070c69ec72", "status": "affected", "versionType": "git"}, {"version": "c1291ea131d186296dc8d328a36c3caf38e8e159", "lessThan": "b5792c162dcf6197bf3d2de2be6c8169435b73d0", "status": "affected", "versionType": "git"}, {"version": "22465bbac53c821319089016f268a2437de9b00a", "lessThan": "85672ca9ceeaa1dcf2777a7048af5f4aee3fd02b", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["block/blk-mq.c"], "versions": [{"version": "6.12.6", "lessThan": "6.12.7", "status": "affected", "versionType": "semver"}]}], "references": [{"url": "https://git.kernel.org/stable/c/ee18012c80155f6809522804099621070c69ec72"}, {"url": "https://git.kernel.org/stable/c/b5792c162dcf6197bf3d2de2be6c8169435b73d0"}, {"url": "https://git.kernel.org/stable/c/85672ca9ceeaa1dcf2777a7048af5f4aee3fd02b"}], "title": "block: avoid to reuse `hctx` not removed from cpuhp callback list", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-41149", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-11T15:41:11.000102Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416 Use After Free"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-11T15:45:20.309Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-41149", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-11T15:41:11.000102Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416 Use After Free"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-11T15:41:12.735Z"}}], "cna": {"title": "block: avoid to reuse `hctx` not removed from cpuhp callback list", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "58bf93580fec30d84a46be41171c5fad98b5cc70", "lessThan": "ee18012c80155f6809522804099621070c69ec72", "versionType": "git"}, {"status": "affected", "version": "c1291ea131d186296dc8d328a36c3caf38e8e159", "lessThan": "b5792c162dcf6197bf3d2de2be6c8169435b73d0", "versionType": "git"}, {"status": "affected", "version": "22465bbac53c821319089016f268a2437de9b00a", "lessThan": "85672ca9ceeaa1dcf2777a7048af5f4aee3fd02b", "versionType": "git"}], "programFiles": ["block/blk-mq.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.12.6", "lessThan": "6.12.7", "versionType": "semver"}], "programFiles": ["block/blk-mq.c"], "defaultStatus": "unaffected"}], "references": [{"url": "https://git.kernel.org/stable/c/ee18012c80155f6809522804099621070c69ec72"}, {"url": "https://git.kernel.org/stable/c/b5792c162dcf6197bf3d2de2be6c8169435b73d0"}, {"url": "https://git.kernel.org/stable/c/85672ca9ceeaa1dcf2777a7048af5f4aee3fd02b"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid to reuse `hctx` not removed from cpuhp callback list\n\nIf the 'hctx' isn't removed from cpuhp callback list, we can't reuse it,\notherwise use-after-free may be triggered."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-01-20T06:18:56.383Z"}}}, "cveMetadata": {"cveId": "CVE-2024-41149", "state": "PUBLISHED", "dateUpdated": "2025-02-11T15:45:20.309Z", "dateReserved": "2025-01-11T12:33:33.672Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2025-01-11T12:35:33.428Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:6.12.6:*:*:*:*:*:*:*", "matchCriteriaId": "C169004B-AF0C-4A52-A1D2-A5E9CB2B9F9D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*", "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*", "matchCriteriaId": "DE491969-75AE-4A6B-9A58-8FC5AF98798F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid to reuse `hctx` not removed from cpuhp callback list\n\nIf the 'hctx' isn't removed from cpuhp callback list, we can't reuse it,\notherwise use-after-free may be triggered."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bloque: evitar reutilizar `hctx` no eliminado de la lista de devoluci\u00f3n de llamadas de cpuhp Si 'hctx' no se elimina de la lista de devoluci\u00f3n de llamadas de cpuhp, no podemos reutilizarlo, de lo contrario, se puede activar el use after free."}], "id": "CVE-2024-41149", "lastModified": "2025-03-24T17:31:18.310", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-01-11T13:15:19.973", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/85672ca9ceeaa1dcf2777a7048af5f4aee3fd02b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b5792c162dcf6197bf3d2de2be6c8169435b73d0"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ee18012c80155f6809522804099621070c69ec72"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "kernel: block: avoid to reuse `hctx` not removed from cpuhp callback list", "id": "2337331", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2337331"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-416", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nblock: avoid to reuse `hctx` not removed from cpuhp callback list\nIf the 'hctx' isn't removed from cpuhp callback list, we can't reuse it,\notherwise use-after-free may be triggered."], "name": "CVE-2024-41149", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-01-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-41149\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-41149\nhttps://lore.kernel.org/linux-cve-announce/2025011141-CVE-2024-41149-7e9b@gregkh/T"], "threat_severity": "Moderate"}