PT-2024-5428 · Linux+5 · Linux Kernel+5

Sicong Huang

Published

2024-05-04

Updated

2025-09-29

CVE-2024-39495

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a use-after-free bug in the gb interface release function due to a race condition. This occurs when gb interface create binds &intf->mode switch completion with gb interface mode switch work, which is then started by gb interface request mode switch. If gb interface release is called to make cleanup, there may be an unfinished work, and if gb interface mode switch work is scheduled to run after kfree, it may cause a use-after-free error. The exploitation of this issue may allow an attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025_16880

ALT-PU-2024-10855

ALT-PU-2024-11524

ALT-PU-2024-12537

ALT-PU-2024-13979

ALT-PU-2024-14046

ALT-PU-2024-9967

AZL-46990

BDU:2024-06072

CVE-2024-39495

DLA-4008-1

DSA-5730-1

DSA-5731-1

OESA-2024-2292

OESA-2024-2293

OESA-2024-2295

OESA-2025-1097

USN-6999-1

USN-6999-2

USN-7003-1

USN-7003-2

USN-7003-3

USN-7003-4

USN-7003-5

USN-7004-1

USN-7005-1

USN-7005-2

USN-7006-1

USN-7007-1

USN-7007-2

USN-7007-3

USN-7008-1

USN-7009-1

USN-7009-2

USN-7019-1

USN-7028-1

USN-7028-2

USN-7029-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Linux Kernel

Red Os

Ubuntu

PT-2024-5428 · Linux+5 · Linux Kernel+5

CVE-2024-39495

Weakness Enumeration

Related Identifiers

Affected Products

References · 831