PT-2025-8820 · Linux+7 · Linux Kernel+7

Guixin Liu

·

Publicado

2024-12-18

·

Atualizado

2026-05-26

·

CVE-2024-54458

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A potential use-after-free (UAF) access issue has been identified in the Linux kernel, specifically in the scsi: ufs: bsg component. The issue arises from not setting bsg queue to NULL after its removal, which could lead to potential problems, although it does not currently cause any issues.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Double Free

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-415CWE-416

Identificadores relacionados

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2025-12647
BDU:2025-03894
CVE-2024-54458
DLA-4102-1
DLA-4178-1
OESA-2025-1446
OESA-2025-1450
OESA-2025-2118
OESA-2025-2119
SUSE-SU-2025:01919-1
SUSE-SU-2025:01951-1
SUSE-SU-2025:01964-1
SUSE-SU-2025:01965-1
SUSE-SU-2025:01967-1
SUSE-SU-2025:01972-1
SUSE-SU-2025:02000-1
SUSE-SU-2025:20408-1
SUSE-SU-2025:20413-1
SUSE-SU-2025:20419-1
SUSE-SU-2025:20421-1
SUSE-SU-2025_01951-1
SUSE-SU-2025_01964-1
SUSE-SU-2025_01965-1
SUSE-SU-2025_01967-1
SUSE-SU-2025_01972-1
SUSE-SU-2025_02000-1
USN-7521-1
USN-7521-2
USN-7521-3
USN-7654-1
USN-7654-2
USN-7654-3
USN-7654-4
USN-7654-5
USN-7655-1
USN-7686-1
USN-7703-1
USN-7703-2
USN-7703-3
USN-7703-4
USN-7711-1
USN-7712-1
USN-7712-2
USN-7719-1
USN-7737-1

Produtos afetados

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu