Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: char: xillybus: Don't destroy workqueue from work item running on it Triggered by a kref decrement, destroy_workqueue() may be called from within a work item for destroying its own workqueue. This illegal situation is averted by adding a module-global workqueue for exclusive use of the offending work item. Other work items continue to be queued on per-device workqueues to ensure performance.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.14, < 5.15.166 |
References
- https://git.kernel.org/stable/c/409b495f8e3300d5fba08bc817fa8825dae48cc9Patch
- https://git.kernel.org/stable/c/5d3567caff2a1d678aa40cc74a54e1318941fad3Patch
- https://git.kernel.org/stable/c/a7ad105b12256ec7fb6d6d1a0e2e60f00b7da157Patch
- https://git.kernel.org/stable/c/aa1a19724fa2c31e97a9be48baedd4692b265157Patch
- https://git.kernel.org/stable/c/ccbde4b128ef9c73d14d0d7817d68ef795f6d131Patch
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
FAQ
What is CVE-2024-45007?
CVE-2024-45007 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: char: xillybus: Don't destroy workqueue from work item running on it Triggered by a kref decrement, destroy_workqueue() may be cal...
How severe is CVE-2024-45007?
CVE-2024-45007 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-45007?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.