mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-19 17:31:42 +00:00
53 lines
3.4 KiB
JSON
53 lines
3.4 KiB
JSON
{
|
|
"id": "CVE-2024-43830",
|
|
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
|
|
"published": "2024-08-17T10:15:08.857",
|
|
"lastModified": "2024-08-19T12:59:59.177",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nleds: trigger: Unregister sysfs attributes before calling deactivate()\n\nTriggers which have trigger specific sysfs attributes typically store\nrelated data in trigger-data allocated by the activate() callback and\nfreed by the deactivate() callback.\n\nCalling device_remove_groups() after calling deactivate() leaves a window\nwhere the sysfs attributes show/store functions could be called after\ndeactivation and then operate on the just freed trigger-data.\n\nMove the device_remove_groups() call to before deactivate() to close\nthis race window.\n\nThis also makes the deactivation path properly do things in reverse order\nof the activation path which calls the activate() callback before calling\ndevice_add_groups()."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: leds: trigger: Anular el registro de los atributos sysfs antes de llamar a desactivar() Los activadores que tienen atributos sysfs espec\u00edficos del activador normalmente almacenan datos relacionados en datos de activaci\u00f3n asignados por la devoluci\u00f3n de llamada enable() y liberados por el desactivar() devoluci\u00f3n de llamada. Llamar a device_remove_groups() despu\u00e9s de llamar a deactivate() deja una ventana donde los atributos sysfs muestran/almacenan funciones que se pueden llamar despu\u00e9s de la desactivaci\u00f3n y luego operar con los datos de activaci\u00f3n reci\u00e9n liberados. Mueva la llamada device_remove_groups() antes de desactivar() para cerrar esta ventana de ejecuci\u00f3n. Esto tambi\u00e9n hace que la ruta de desactivaci\u00f3n haga las cosas correctamente en orden inverso a la ruta de activaci\u00f3n que llama a la devoluci\u00f3n de llamada enable() antes de llamar a device_add_groups()."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/0788a6f3523d3686a9eed5ea1e6fcce6841277b2",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/09c1583f0e10c918855d6e7540a79461a353e5d6",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/3fb6a9d67cfd812a547ac73ec02e1077c26c640d",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/734ba6437e80dfc780e9ee9d95f912392d12b5ea",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/c0dc9adf9474ecb7106e60e5472577375aedaed3",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/c3b7a650c8717aa89df318364609c86cbc040156",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/cb8aa9d2a4c8a15d6a43ccf901ef3d094aa60374",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/d1415125b701ef13370e2761f691ec632a5eb93a",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
}
|
|
]
|
|
} |