CVE-2024-39494
Published: Jul 12, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can change on rename and the earlier value can be freed; there are conditions sufficient to stabilize it (->d_lock on dentry, ->d_lock on its parent, ->i_rwsem exclusive on the parent's inode, rename_lock), but none of those are met at any of the sites. Take a stable snapshot of the name instead.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 2fe5d6def1672ae6635dd71867bf36dcfaa7434b - < 480afcbeb7aaaa22677d3dd48ec590b441eaac1aaffected 2fe5d6def1672ae6635dd71867bf36dcfaa7434b - < edf287bc610b18d7a9c0c0c1cb2e97b9348c71bbaffected 2fe5d6def1672ae6635dd71867bf36dcfaa7434b - < 0b31e28fbd773aefb6164687e0767319b8199829affected 2fe5d6def1672ae6635dd71867bf36dcfaa7434b - < 7fb374981e31c193b1152ed8d3b0a95b671330d4affected 2fe5d6def1672ae6635dd71867bf36dcfaa7434b - < dd431c3ac1fc34a9268580dd59ad3e3c76b32a8c+2 more versions |
Linux | Linux | affected 3.7unaffected 0 - < 3.7unaffected 5.4.291 - <= 5.4.*unaffected 5.10.235 - <= 5.10.*unaffected 5.15.174 - <= 5.15.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now