Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: r8169: fix LED-related deadlock on module removal Binding devm_led_classdev_register() to the netdev is problematic because on module removal we get a RTNL-related deadlock. Fix this by avoiding the device-managed LED functions. Note: We can safely call led_classdev_unregister() for a LED even if registering it failed, because led_classdev_unregister() detects this and is a no-op in this case.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 6.8, < 6.8.8 |
| Fedoraproject | Fedora | 38 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/19fa4f2a85d777a8052e869c1b892a2f7556569dPatch
- https://git.kernel.org/stable/c/53d986f39acd8ea11c9e460732bfa5add66360d9Patch
- https://git.kernel.org/stable/c/19fa4f2a85d777a8052e869c1b892a2f7556569dPatch
- https://git.kernel.org/stable/c/53d986f39acd8ea11c9e460732bfa5add66360d9Patch
- https://lists.fedoraproject.org/archives/list/[email protected]
- https://lists.fedoraproject.org/archives/list/[email protected]
- https://lists.fedoraproject.org/archives/list/[email protected]
FAQ
What is CVE-2024-27021?
CVE-2024-27021 is a vulnerability with a CVSS score of 7.8 (HIGH). In the Linux kernel, the following vulnerability has been resolved: r8169: fix LED-related deadlock on module removal Binding devm_led_classdev_register() to the netdev is problematic because on mod...
How severe is CVE-2024-27021?
CVE-2024-27021 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-27021?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Fedoraproject Fedora.