PT-2024-8289 · Linux+9 · Linux Kernel+9

Martin Kaistra

Published

2024-01-14

Updated

2025-09-29

CVE-2024-27052

CVSS v3.1

7.4

High

Vector

AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to errors in memory usage after release in the rtl8xxxu stop() function. This can allow an attacker to elevate privileges in the system. The problem occurs because the workqueue might still be running when the driver is stopped, leading to a use-after-free condition. To avoid this, cancel work sync() is called in rtl8xxxu stop().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2024:3618

ALSA-2024:3627

ALSA-2024:5363

ALSA-2025_16880

BDU:2024-09842

CESA-2024_3618

CESA-2024_3627

CVE-2024-27052

DLA-3842-1

DSA-5681-1

INFSA-2024_3618

INFSA-2024_3627

INFSA-2024_5363

OESA-2024-1768

OESA-2024-1942

RHSA-2024:3618

RHSA-2024:3627

RHSA-2024:5363

RHSA-2024:5364

RHSA-2024:5365

RHSA-2024_3618

RHSA-2024_3627

RHSA-2024_5363

RLSA-2024:3618

RLSA-2024:3627

RLSA-2024:5363

SUSE-SU-2024:2008-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2190-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

USN-6816-1

USN-6817-1

USN-6817-2

USN-6817-3

USN-6820-1

USN-6820-2

USN-6821-1

USN-6821-2

USN-6821-3

USN-6821-4

USN-6828-1

USN-6871-1

USN-6878-1

USN-6892-1

USN-6919-1

Affected Products

Almalinux

Astra Linux

Centos

Linuxmint

Linux Kernel

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2024-8289 · Linux+9 · Linux Kernel+9

CVE-2024-27052

Weakness Enumeration

Related Identifiers

Affected Products

References · 3413