In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winch_handlers before registering winch IRQ Registering a winch IRQ is racy, an interrupt may occur before the winch is added to the winch_handlers list. If that happens, register_winch_irq() adds to that list a winch that is scheduled to be (or has already been) freed, causing a panic later in winch_cleanup(). Avoid the race by adding the winch to the winch_handlers list before registering the IRQ, and rolling back if um_request_irq() fails.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-06-24T13:52:26.769Z

Updated: 2024-12-19T09:06:29.258Z

Reserved: 2024-06-21T11:16:40.627Z

Link: CVE-2024-39292

cve-icon Vulnrichment

Updated: 2024-08-02T04:19:20.680Z

cve-icon NVD

Status : Modified

Published: 2024-06-24T14:15:12.943

Modified: 2024-11-21T09:27:24.223

Link: CVE-2024-39292

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-06-24T00:00:00Z

Links: CVE-2024-39292 - Bugzilla