CVE-2024-43830

{"id": "CVE-2024-43830", "cveTags": [], "metrics": {}, "published": "2024-08-17T10:15:08.857", "references": [{"url": "https://git.kernel.org/stable/c/0788a6f3523d3686a9eed5ea1e6fcce6841277b2", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/09c1583f0e10c918855d6e7540a79461a353e5d6", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/3fb6a9d67cfd812a547ac73ec02e1077c26c640d", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/734ba6437e80dfc780e9ee9d95f912392d12b5ea", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c0dc9adf9474ecb7106e60e5472577375aedaed3", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c3b7a650c8717aa89df318364609c86cbc040156", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/cb8aa9d2a4c8a15d6a43ccf901ef3d094aa60374", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d1415125b701ef13370e2761f691ec632a5eb93a", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nleds: trigger: Unregister sysfs attributes before calling deactivate()\n\nTriggers which have trigger specific sysfs attributes typically store\nrelated data in trigger-data allocated by the activate() callback and\nfreed by the deactivate() callback.\n\nCalling device_remove_groups() after calling deactivate() leaves a window\nwhere the sysfs attributes show/store functions could be called after\ndeactivation and then operate on the just freed trigger-data.\n\nMove the device_remove_groups() call to before deactivate() to close\nthis race window.\n\nThis also makes the deactivation path properly do things in reverse order\nof the activation path which calls the activate() callback before calling\ndevice_add_groups()."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: leds: trigger: Anular el registro de los atributos sysfs antes de llamar a desactivar() Los activadores que tienen atributos sysfs espec\u00edficos del activador normalmente almacenan datos relacionados en datos de activaci\u00f3n asignados por la devoluci\u00f3n de llamada enable() y liberados por el desactivar() devoluci\u00f3n de llamada. Llamar a device_remove_groups() despu\u00e9s de llamar a deactivate() deja una ventana donde los atributos sysfs muestran/almacenan funciones que se pueden llamar despu\u00e9s de la desactivaci\u00f3n y luego operar con los datos de activaci\u00f3n reci\u00e9n liberados. Mueva la llamada device_remove_groups() antes de desactivar() para cerrar esta ventana de ejecuci\u00f3n. Esto tambi\u00e9n hace que la ruta de desactivaci\u00f3n haga las cosas correctamente en orden inverso a la ruta de activaci\u00f3n que llama a la devoluci\u00f3n de llamada enable() antes de llamar a device_add_groups()."}], "lastModified": "2024-08-19T12:59:59.177", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}