nvd-json-data-feeds/CVE-2024/CVE-2024-270xx/CVE-2024-27021.json

{
  "id": "CVE-2024-27021",
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "published": "2024-05-01T06:15:20.960",
  "lastModified": "2024-05-13T08:15:12.697",
  "vulnStatus": "Undergoing Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nr8169: fix LED-related deadlock on module removal\n\nBinding devm_led_classdev_register() to the netdev is problematic\nbecause on module removal we get a RTNL-related deadlock. Fix this\nby avoiding the device-managed LED functions.\n\nNote: We can safely call led_classdev_unregister() for a LED even\nif registering it failed, because led_classdev_unregister() detects\nthis and is a no-op in this case."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: r8169: corrige el punto muerto relacionado con el LED al eliminar el m\u00f3dulo. Vincular devm_led_classdev_register() al netdev es problem\u00e1tico porque al eliminar el m\u00f3dulo obtenemos un punto muerto relacionado con RTNL. Solucione este problema evitando las funciones LED administradas por el dispositivo. Nota: Podemos llamar con seguridad a led_classdev_unregister() para un LED incluso si falla el registro, porque led_classdev_unregister() detecta esto y no es operativo en este caso."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://git.kernel.org/stable/c/19fa4f2a85d777a8052e869c1b892a2f7556569d",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/53d986f39acd8ea11c9e460732bfa5add66360d9",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    }
  ]
}