CVE-2024-53239
Published: Dec 27, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6fire_chip_abort(). But at this moment, the card object might be still in use (as we're calling snd_card_free_when_closed()). For avoid potential UAFs, move the release of resources to the card's private_free instead of the manual call of usb6fire_chip_destroy() at the USB disconnect callback.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected c6d43ba816d1cf1d125bfbfc938f2a28a87facf9 - < 74357d0b5cd3ef544752bc9f21cbeee4902fae6caffected c6d43ba816d1cf1d125bfbfc938f2a28a87facf9 - < 273eec23467dfbfbd0e4c10302579ba441fb1e13affected c6d43ba816d1cf1d125bfbfc938f2a28a87facf9 - < f2d06d4e129e2508e356136f99bb20a332ff1a00affected c6d43ba816d1cf1d125bfbfc938f2a28a87facf9 - < b889a7d68d7e76b8795b754a75c91a2d561d5e8caffected c6d43ba816d1cf1d125bfbfc938f2a28a87facf9 - < ea8cc56db659cf0ae57073e32a4735ead7bd7ee3+4 more versions |
Linux | Linux | affected 2.6.39unaffected 0 - < 2.6.39unaffected 4.19.325 - <= 4.19.*unaffected 5.4.287 - <= 5.4.*unaffected 5.10.231 - <= 5.10.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now