{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T00:51:31.946","vulnerabilities":[{"cve":{"id":"CVE-2024-38629","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-06-21T11:15:11.733","lastModified":"2025-10-03T14:53:37.547","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Avoid unnecessary destruction of file_ida\n\nfile_ida is allocated during cdev open and is freed accordingly\nduring cdev release. This sequence is guaranteed by driver file\noperations. Therefore, there is no need to destroy an already empty\nfile_ida when the WQ cdev is removed.\n\nWorse, ida_free() in cdev release may happen after destruction of\nfile_ida per WQ cdev. This can lead to accessing an id in file_ida\nafter it has been destroyed, resulting in a kernel panic.\n\nRemove ida_destroy(&file_ida) to address these issues."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dmaengine: idxd: evita la destrucción innecesaria de file_ida file_ida se asigna durante la apertura de cdev y se libera en consecuencia durante el lanzamiento de cdev. Esta secuencia está garantizada por las operaciones del archivo del controlador. Por lo tanto, no es necesario destruir un file_ida que ya está vacío cuando se elimina WQ cdev. Peor aún, ida_free() en la versión cdev puede ocurrir después de la destrucción de file_ida según WQ cdev. Esto puede llevar a acceder a una identificación en file_ida después de haber sido destruida, lo que resulta en un pánico en el kernel. Elimine ida_destroy(&file_ida) para solucionar estos problemas."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4","versionEndExcluding":"6.6.33","matchCriteriaId":"7D9DC6CF-DE3D-4E7E-BF42-5EBCCB0F3D34"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.9.4","matchCriteriaId":"991B9791-966A-4D18-9E8D-A8AB128E5627"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/15edb906211bf53e7b5574f7326ab734d6bff4f9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/76e43fa6a456787bad31b8d0daeabda27351a480","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9eb15f24a0b9b017b39cde8b8c07243676b63687","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/15edb906211bf53e7b5574f7326ab734d6bff4f9","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/76e43fa6a456787bad31b8d0daeabda27351a480","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9eb15f24a0b9b017b39cde8b8c07243676b63687","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}}]}