Wind River Support Network

Fixed

LIN1024-2363 : Security Advisory - linux - CVE-2024-38630

Created: Jun 21, 2024    Updated: Sep 10, 2024
Resolved Date: Jun 23, 2024
Found In Version: 10.24.33.1
Fix Version: 10.24.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 24
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger

When the cpu5wdt module is being removed, the original code uses del_timer()
to deactivate the timer. If the timer handler is running, del_timer() cannot
stop it and returns directly. If the port region is released by
release_region() and the timer handler cpu5wdt_trigger() then calls outb()
to write into the released region, the use-after-free bug will happen.

Change del_timer() to timer_shutdown_sync() so that the timer handler
can finish before the port region is released.
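
The ordering problem described above can be reproduced in a userspace model. This is an added example, not code from the advisory or from cpu5wdt.c; `handler`, `teardown` and the `region_held` flag are hypothetical stand-ins for cpu5wdt_trigger(), the module exit path and the port region, and the handler is deliberately held mid-execution to force the worst-case interleaving.

```c
#include <pthread.h>
#include <stdbool.h>
#include <stdio.h>

/* Constructed userspace model, not kernel code: thread = timer handler. */
static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
static pthread_cond_t cv = PTHREAD_COND_INITIALIZER;
static bool running, region_held, waited_for, bad_write;

static void *handler(void *arg)        /* stands in for cpu5wdt_trigger() */
{
    (void)arg;
    pthread_mutex_lock(&lock);
    running = true;
    pthread_cond_broadcast(&cv);
    /* Stay mid-handler until teardown released the region or waits for us. */
    while (region_held && !waited_for) pthread_cond_wait(&cv, &lock);
    bad_write = !region_held;          /* the outb(): bad if region is gone */
    running = false;
    pthread_cond_broadcast(&cv);
    pthread_mutex_unlock(&lock);
    return NULL;
}

/* sync=false models del_timer(): returns while the handler still runs.
 * sync=true models timer_shutdown_sync(): returns after the handler ends.
 * Returns 1 on a write after release, 0 if safe, -1 on setup failure. */
static int teardown(bool sync)
{
    pthread_t t;
    running = waited_for = bad_write = false; region_held = true;
    if (pthread_create(&t, NULL, handler, NULL) != 0) return -1;
    pthread_mutex_lock(&lock);
    while (!running) pthread_cond_wait(&cv, &lock);  /* exit mid-handler */
    if (sync) {
        waited_for = true;
        pthread_cond_broadcast(&cv);
        while (running) pthread_cond_wait(&cv, &lock);
    }
    region_held = false;               /* stands in for release_region() */
    pthread_cond_broadcast(&cv);
    pthread_mutex_unlock(&lock);
    pthread_join(t, NULL);             /* model cleanup, not part of the bug */
    return bad_write;
}

int main(void)
{
    printf("del_timer model, write after release: %d\n", teardown(false));
    printf("timer_shutdown_sync model, write after release: %d\n", teardown(true));
}
```

Build with `cc -pthread`. The same teardown order with only the wait added is what separates the two results.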

CVE-2024-38630 (https://nvd.nist.gov/vuln/detail/CVE-2024-38630)
