PT-2024-21551 · Linux+5 · Linux Kernel+5

Syzbot

·

Published

2024-02-28

·

Updated

2025-07-16

·

CVE-2024-26875

CVSS v3.1

6.4

Medium

VectorAV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.8.0-rc1-syzkaller-00046-gf1a27f081c1f
Description A use-after-free vulnerability has been resolved in the Linux kernel, specifically in the pvrusb2 media driver. The issue occurred when Task A set disconnect flag to a non-zero value, resulting in Task B's condition being met and releasing mp, leading to a slab-use-after-free error in pvr2 context set notify. This vulnerability was reported by Syzbot and is related to the pvr2 context set notify function in the pvrusb2-context.c file.
Recommendations To resolve this issue, place the disconnect flag assignment operation after all code in pvr2 context disconnect() to avoid the use-after-free error. This change will prevent the mp release from occurring prematurely, thus fixing the vulnerability.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

AZL-47666
AZL-47676
BDU:2025-03615
CVE-2024-26875
DLA-3840-1
DLA-3842-1
DSA-5681-1
OESA-2024-1617
OESA-2024-1618
OESA-2024-1619
OESA-2024-1620
OESA-2024-1621
OESA-2024-1622
OPENSUSE-SU-2024_1644-1
OPENSUSE-SU-2024_1659-1
OPENSUSE-SU-2024_1663-1
SUSE-SU-2024:1644-1
SUSE-SU-2024:1659-1
SUSE-SU-2024:1663-1
SUSE-SU-2025:02334-1
SUSE-SU-2025_02334-1
USN-6816-1
USN-6817-1
USN-6817-2
USN-6817-3
USN-6820-1
USN-6820-2
USN-6821-1
USN-6821-2
USN-6821-3
USN-6821-4
USN-6828-1
USN-6871-1
USN-6878-1
USN-6892-1
USN-6896-1
USN-6896-2
USN-6896-3
USN-6896-4
USN-6896-5
USN-6919-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu