Vulnerability DatabaseCVE-2024-27052
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2024-27052
May 01, 2024
In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work The workqueue might still be running, when the driver is stopped. To avoid a use-after-free, call cancel_work_sync() in rtl8xxxu_stop().
Related ResourcesĀ (11)
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/27xxx/CVE-2024-27052.json
https://nvd.nist.gov/vuln/detail/CVE-2024-27052
https://git.kernel.org/stable/c/3518cea837de4d106efa84ddac18a07b6de1384e
https://git.kernel.org/stable/c/156012667b85ca7305cb363790d3ae8519a6f41e
https://git.kernel.org/stable/c/7059cdb69f8e1a2707dd1e2f363348b507ed7707
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
https://git.kernel.org/stable/c/dddedfa3b29a63c2ca4336663806a6128b8545b4
https://git.kernel.org/stable/c/1213acb478a7181cd73eeaf00db430f1e45b1361
https://git.kernel.org/stable/c/ac512507ac89c01ed6cd4ca53032f52cdb23ea59
https://git.kernel.org/stable/c/58fe3bbddfec10c6b216096d8c0e517cd8463e3a
Do you need more information?
Contact Us
CVSS v4
Base Score:
7.5
Attack Vector
LOCAL
Attack Complexity
HIGH
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
NONE
Vulnerable System Confidentiality
HIGH
Vulnerable System Integrity
HIGH
Vulnerable System Availability
HIGH
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
7.4
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH
Weakness Type (CWE)
Use After Free
CWE-416
EPSS
Base Score:
0.01