CVE-2024-50051
Published: Jan 11, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: Add cancel_work_sync before module remove If we remove the module which will call mpc52xx_spi_remove it will free 'ms' through spi_unregister_controller. while the work ms->work will be used. The sequence of operations that may lead to a UAF bug. Fix it by ensuring that the work is canceled before proceeding with the cleanup in mpc52xx_spi_remove.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected ca632f556697d45d67ed5cada7cedf3ddfe0db4b - < d0cde3911cf24e1bcdd4caa1d1b9ef57589db5a1affected ca632f556697d45d67ed5cada7cedf3ddfe0db4b - < e0c6ce8424095c2da32a063d3fc027494c689817affected ca632f556697d45d67ed5cada7cedf3ddfe0db4b - < cd5106c77d6d6828aa82449f01f4eb436d602a21affected ca632f556697d45d67ed5cada7cedf3ddfe0db4b - < 373d55a47dc662e5e30d12ad5d334312f757c1f1affected ca632f556697d45d67ed5cada7cedf3ddfe0db4b - < f65d85bc1ffd8a2c194bb2cd65e35ed3648ddd59+2 more versions |
Linux | Linux | affected 3.1unaffected 0 - < 3.1unaffected 5.4.287 - <= 5.4.*unaffected 5.10.231 - <= 5.10.*unaffected 5.15.174 - <= 5.15.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now