CVE-2024-40956

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a possible Use-After-Free in the irq process work list function of the dmaengine: idxd driver in the Linux kernel. This occurs due to a race condition when the descriptor is freed via idxd desc complete() and reused by another thread without being deleted from the list, potentially causing issues for the list iterator. The vulnerability may allow an attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.