Linux · Linux Kernel · CVE-2024-26598
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The issue is related to a potential use-after-free (UAF) scenario in the Linux kernel's KVM: arm64: vgic-its module. This occurs when an LPI translation cache hit races with an operation that invalidates the cache, such as a DISCARD ITS command. The root of the problem is that the `vgic its check cache()` function does not elevate the refcount on the `vgic irq` before dropping the lock that serializes refcount changes. To resolve this, `vgic its check cache()` should raise the refcount on the returned `vgic irq` and add the corresponding decrement after queueing the interrupt.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.