Description

A use-after-free flaw was found in the Linux kernel. When a disk is removed, bdi_unregister() is called to stop further write-back and wait for the associated delayed work to complete. However, wb_inode_writeback_end() may schedule bandwidth estimation work after this has completed, which can result in the timer attempting to access the recently freed bdi_writeback.

PUBLISHED Reserved 2024-01-15 | Published 2024-01-15 | Updated 2025-11-15 | Assigner redhat




HIGH: 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

Use After Free

Product status

Default status
unaffected

Any version before 6.0-rc3
affected

Default status
affected

0:4.18.0-372.87.1.el8_6 (rpm) before *
unaffected

Default status
affected

0:4.18.0-372.87.1.el8_6 (rpm) before *
unaffected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Default status
affected

Default status
unaffected

Default status
unaffected

Default status
unaffected

Timeline

2024-01-15: Reported to Red Hat.
2023-03-10: Made public.

References

access.redhat.com/errata/RHSA-2024:0412 (RHSA-2024:0412) vendor-advisory

access.redhat.com/security/cve/CVE-2024-0562 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2258475 (RHBZ#2258475) issue-tracking

patchwork.kernel.org/...1155034.3772543-1-khazhy@google.com/

cve.org (CVE-2024-0562)

nvd.nist.gov (CVE-2024-0562)