PT-2024-35611 · Linux+8 · Linux Kernel+8
Yu Kuai · Published 2024-11-29 · Updated 2026-01-13 · CVE-2024-53166
CVSS v3.1: 7.8 High
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6
Description
A use-after-free vulnerability has been identified in the Linux kernel, specifically in the block, bfq module. The issue arises when the bfq_limit_depth() function dereferences bfqq from bic without proper locking, potentially leading to a use-after-free condition if the io_context is shared among multiple tasks. This vulnerability can be triggered, for example, by testing bfq with io_uring in version 6.6 of the Linux kernel. The vulnerability is related to the bfqq_group() function and can cause a slab-use-after-free error.
Recommendations
To resolve this issue, protect the bic_to_bfqq() function with bfqd->lock. This will prevent the use-after-free condition by ensuring that access to bfqq from bic is properly synchronized.
Note: The provided information does not specify a fixed version for the vulnerability. Therefore, it is recommended to update to the latest version of the Linux kernel to ensure you have the latest security patches.
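The locking pattern that the description and recommendation refer to, shown as an added userspace model in C; it is not the kernel's code or the upstream patch. The struct layouts, the `model_*` and `limit_depth_*` function names, and the depth values are assumptions made for illustration, with a pthread mutex standing in for bfqd->lock.

```c
#include <pthread.h>
#include <stdlib.h>
/* Simplified stand-ins for the kernel objects named in the advisory. */
struct bfq_queue { int depth; };               /* bfqq */
struct bfq_data  { pthread_mutex_t lock; };    /* bfqd->lock */
struct bfq_io_cq { struct bfq_queue *bfqq; };  /* bic, shared via io_context */
#define DEFAULT_DEPTH 64                       /* constructed value */

/* Writer: install a newly allocated bfqq in bic, under bfqd->lock. */
int model_set_bfqq(struct bfq_data *bfqd, struct bfq_io_cq *bic, int depth)
{
    struct bfq_queue *q = malloc(sizeof(*q));
    if (!q)
        return -1;
    q->depth = depth;
    pthread_mutex_lock(&bfqd->lock);
    free(bic->bfqq);
    bic->bfqq = q;
    pthread_mutex_unlock(&bfqd->lock);
    return 0;
}

/* Writer: remove the bfqq from bic and free it, under bfqd->lock. */
void model_put_bfqq(struct bfq_data *bfqd, struct bfq_io_cq *bic)
{
    pthread_mutex_lock(&bfqd->lock);
    free(bic->bfqq);
    bic->bfqq = NULL;
    pthread_mutex_unlock(&bfqd->lock);
}

/* Before: the pointer is loaded and dereferenced with no lock held, so a
 * concurrent model_put_bfqq() can free it in between (use-after-free). */
int limit_depth_unlocked(struct bfq_io_cq *bic)
{
    struct bfq_queue *q = bic->bfqq;
    return q ? q->depth : DEFAULT_DEPTH;
}

/* After: load and dereference both happen inside the critical section. */
int limit_depth_locked(struct bfq_data *bfqd, struct bfq_io_cq *bic)
{
    int depth = DEFAULT_DEPTH;
    pthread_mutex_lock(&bfqd->lock);
    if (bic->bfqq)
        depth = bic->bfqq->depth;
    pthread_mutex_unlock(&bfqd->lock);
    return depth;
}
```

The unlocked reader is only safe while a single task touches bic; once the io_context is shared, only the locked form keeps the writer from freeing bfqq between the load and the dereference.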
Exploit
Fix
Use After Free
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu