Linux · Linux Kernel · CVE-2024-44932
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The issue is related to the idpf component in the Linux kernel, where a use-after-free (UAF) vulnerability occurs when destroying queues. This happens because interrupt vectors with embedded NAPIs are freed before the queues, leading to page pools' NAPI pointers pointing to freed memory. The allocation and freeing logic has been inverted to allocate queue/interrupt vectors first and free them last, which is safe since vectors do not require queues to be present. This change also removes the unnecessary queue->q vector pointer cleanup.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.