Linux · Linux Kernel · CVE-2024-26974
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The issue is related to a race condition in the Linux kernel's crypto component, specifically during the PCI AER system's error recovery process. This can lead to a use-after-free bug, resulting in a KFENCE bug notice. The bug occurs when the kernel driver frees the reset data structure's memory, but this structure is still used for completion notification after the restart is completed. Technical details include the involvement of the `adf device reset worker` function and the `process one work` function. The estimated number of potentially affected devices and details about real-world incidents are not provided.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.