FKIE_CVE-2024-27054

Vulnerability from fkie_nvd - Published: 2024-05-01 13:15 - Updated: 2025-05-02 07:15
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix double module refcount decrement Once the discipline is associated with the device, deleting the device takes care of decrementing the module's refcount. Doing it manually on this error path causes refcount to artificially decrease on each error while it should just stay the same.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/9fe0562179d8fa960afca0eaed6d4ba4122a3cc6
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1aPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37ePatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1aPatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37ePatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650Patch
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87053F0F-673E-4CE8-9F5D-976A9DAF6EBF",
              "versionEndExcluding": "5.15.153",
              "versionStartIncluding": "4.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19",
              "versionEndExcluding": "6.1.83",
              "versionStartIncluding": "5.16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68",
              "versionEndExcluding": "6.6.23",
              "versionStartIncluding": "6.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD",
              "versionEndExcluding": "6.7.11",
              "versionStartIncluding": "6.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1",
              "versionEndExcluding": "6.8.2",
              "versionStartIncluding": "6.8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix double module refcount decrement\n\nOnce the discipline is associated with the device, deleting the device\ntakes care of decrementing the module\u0027s refcount.  Doing it manually on\nthis error path causes refcount to artificially decrease on each error\nwhile it should just stay the same."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: s390/dasd: corrige la disminuci\u00f3n del doble recuento del m\u00f3dulo Una vez que la disciplina est\u00e1 asociada con el dispositivo, eliminar el dispositivo se encarga de disminuir el recuento del m\u00f3dulo. Hacerlo manualmente en esta ruta de error hace que el recuento disminuya artificialmente en cada error, mientras que deber\u00eda permanecer igual."
    }
  ],
  "id": "CVE-2024-27054",
  "lastModified": "2025-05-02T07:15:52.860",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-05-01T13:15:50.270",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/9fe0562179d8fa960afca0eaed6d4ba4122a3cc6"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1a"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37e"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1a"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37e"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.