CVE-2024-53173

HIGH EPSS 17.5%
Published Dec 27, 20241y ago · Modified Jun 17, 20261w ago
7.8 CVSS 3.1
High
Find Similar
Published Dec 27, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs_release_seqid() in nfs4_opendata_free() can result in a use-after-free of the pointer to the defunct rpc task of the other thread. The fix is to ensure that if the RPC call is aborted before the call to nfs_wait_on_sequence() is complete, then we must call nfs_release_seqid() in nfs4_open_release() before the rpc_task is freed.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
17.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-416 Use After Free Memory Safety

Affected Products 8

VendorProductVersionRange
linuxlinux_kernel*≥2.6.16  –  <4.19.325
linuxlinux_kernel*≥4.20  –  <5.4.287
linuxlinux_kernel*≥5.5  –  <5.10.231
linuxlinux_kernel*≥5.11  –  <5.15.174
linuxlinux_kernel*≥5.16  –  <6.1.120
linuxlinux_kernel*≥6.2  –  <6.6.64
linuxlinux_kernel*≥6.7  –  <6.11.11
linuxlinux_kernel*≥6.12  –  <6.12.2

References 11

  • git.kernel.org https://git.kernel.org/stable/c/1cfae9575296f5040cdc84b0730e79078c081d2d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/229a30ed42bb87bcb044c5523fabd9e4f0e75648
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2ab9639f16b05d948066a6c4cf19a0fdc61046ff
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2fdb05dc0931250574f0cb0ebeb5ed8e20f4a889
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5237a297ffd374a1c4157a53543b7a69d7bbbc03
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7bf6bf130af8ee7d93a99c28a7512df3017ec759
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b56ae8e715557b4fc227c9381d2e681ffafe7b15
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ba6e6c04f60fe52d91520ac4d749d372d4c74521
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e2277a1d9d5cd0d625a4fd7c04fce2b53e66df77
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1cfae9575296f5040cdc84b0730e79078c081d2d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/229a30ed42bb87bcb044c5523fabd9e4f0e75648
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2ab9639f16b05d948066a6c4cf19a0fdc61046ff
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2fdb05dc0931250574f0cb0ebeb5ed8e20f4a889
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5237a297ffd374a1c4157a53543b7a69d7bbbc03
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7bf6bf130af8ee7d93a99c28a7512df3017ec759
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b56ae8e715557b4fc227c9381d2e681ffafe7b15
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ba6e6c04f60fe52d91520ac4d749d372d4c74521
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e2277a1d9d5cd0d625a4fd7c04fce2b53e66df77
    Patch