CVE-2024-53181

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.0-rc6-g59b723cd2adb

Description A vulnerability in the Linux kernel has been resolved. The issue is related to the use of drvdata in release, which is not available. This can cause a crash when removing a vector device. The crash occurs due to a segfault with no mm, resulting in a kernel panic. Technical details about the crash include a RIP of 0033:vector device release+0xf/0x50 and a stack trace that involves several kernel functions, including vector device release(), device release(), and kobject put(). No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited.

Recommendations For Linux kernel versions prior to 6.12.0-rc6-g59b723cd2adb, update to a version that includes the fix for this issue to prevent crashes when removing vector devices. As a temporary workaround, consider disabling the vector device release() function until a patch is available. However, since the provided information does not specify a clear fix or patch version, the best course of action is to wait for an official update that addresses this vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.