VDB

CISA-2023-52704

CISA-2023-52704 PUBLISHED CVSS 5.5 MEDIUM

Reported by Linux · Published May 21, 2024

In the Linux kernel, the following vulnerability has been resolved: freezer,umh: Fix call_usermode_helper_exec() vs SIGKILL Tetsuo-San noted that commit f5d39b020809 ("freezer,sched: Rewrite core freezer logic") broke call_usermodehelper_exec() for the KILLABLE case. Specifically it was missed that the second, unconditional, wait_for_completion() was not optional and ensures the on-stack completion is unused before going out-of-scope.

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
LinuxLinuxf5d39b020809146cc28e6e73369bf8065e0310aa, f5d39b020809146cc28e6e73369bf8065e0310aa
LinuxLinux6.1, 0, 6.1.13
LinuxLinuxf5d39b020809146cc28e6e73369bf8065e0310aa, 6.1, 6.1.13

Timeline

  • May 21, 2024 CVE Published
  • Dec 19, 2024 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›