{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T03:55:24.064","vulnerabilities":[{"cve":{"id":"CVE-2024-38630","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-06-21T11:15:11.810","lastModified":"2024-11-21T09:26:31.907","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwatchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger\n\nWhen the cpu5wdt module is removing, the origin code uses del_timer() to\nde-activate the timer. If the timer handler is running, del_timer() could\nnot stop it and will return directly. If the port region is released by\nrelease_region() and then the timer handler cpu5wdt_trigger() calls outb()\nto write into the region that is released, the use-after-free bug will\nhappen.\n\nChange del_timer() to timer_shutdown_sync() in order that the timer handler\ncould be finished before the port region is released."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: watchdog: cpu5wdt.c: corrige el error de use-after-free causado por cpu5wdt_trigger Cuando se elimina el módulo cpu5wdt, el código de origen usa del_timer() para desactivar el temporizador. Si el controlador del temporizador se está ejecutando, del_timer() no pudo detenerlo y regresará directamente. Si la región del puerto es liberada por release_region() y luego el controlador del temporizador cpu5wdt_trigger() llama a outb() para escribir en la región que se libera, se producirá el error de use-after-free. Cambie del_timer() a timer_shutdown_sync() para que el controlador del temporizador pueda finalizar antes de que se libere la región del puerto."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8","versionEndExcluding":"6.6.33","matchCriteriaId":"CFD35FD5-8F34-4C7B-803E-84957DD73AFF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.9.4","matchCriteriaId":"991B9791-966A-4D18-9E8D-A8AB128E5627"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/573601521277119f2e2ba5f28ae6e87fc594f4d4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9b1c063ffc075abf56f63e55d70b9778ff534314","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f19686d616500cd0d47b30cee82392b53f7f784a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/573601521277119f2e2ba5f28ae6e87fc594f4d4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9b1c063ffc075abf56f63e55d70b9778ff534314","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f19686d616500cd0d47b30cee82392b53f7f784a","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}}]}