{"vulnerability": "cve-2024-46786", "sightings": [{"uuid": "36c429c9-0564-4fc5-895f-4483f3ef1677", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46786", "type": "seen", "source": "https://t.me/cvedetector/5949", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46786 - Apache Linux fscache Use-After-Free Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46786 \nPublished : Sept. 18, 2024, 8:15 a.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nfscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF  \n  \nThe fscache_cookie_lru_timer is initialized when the fscache module  \nis inserted, but is not deleted when the fscache module is removed.  \nIf timer_reduce() is called before removing the fscache module,  \nthe fscache_cookie_lru_timer will be added to the timer list of  \nthe current cpu. Afterwards, a use-after-free will be triggered  \nin the softIRQ after removing the fscache module, as follows:  \n  \n==================================================================  \nBUG: unable to handle page fault for address: fffffbfff803c9e9  \n PF: supervisor read access in kernel mode  \n PF: error_code(0x0000) - not-present page  \nPGD 21ffea067 P4D 21ffea067 PUD 21ffe6067 PMD 110a7c067 PTE 0  \nOops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI  \nCPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.11.0-rc3 #855  \nTainted: [W]=WARN  \nRIP: 0010:__run_timer_base.part.0+0x254/0x8a0  \nCall Trace:  \n   \n tmigr_handle_remote_up+0x627/0x810  \n __walk_groups.isra.0+0x47/0x140  \n tmigr_handle_remote+0x1fa/0x2f0  \n handle_softirqs+0x180/0x590  \n irq_exit_rcu+0x84/0xb0  \n sysvec_apic_timer_interrupt+0x6e/0x90  \n   \n   \n asm_sysvec_apic_timer_interrupt+0x1a/0x20  \nRIP: 0010:default_idle+0xf/0x20  \n default_idle_call+0x38/0x60  \n do_idle+0x2b5/0x300  \n cpu_startup_entry+0x54/0x60  \n start_secondary+0x20d/0x280  \n common_startup_64+0x13e/0x148  \n   \nModules linked in: [last unloaded: netfs]  \n==================================================================  \n  \nTherefore delete fscache_cookie_lru_timer when removing the fscahe module. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T10:53:27.000000Z"}]}