Sign in Subscribe

← All advisories

High severity7.4NVD Advisory· Published May 1, 2024· Updated May 12, 2026

CVE-2024-27052

CVE-2024-27052

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work

The workqueue might still be running, when the driver is stopped. To avoid a use-after-free, call cancel_work_sync() in rtl8xxxu_stop().

Affected products

1

Linux/Linuxv5
Range: 5.5

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

lists.debian.org/debian-lts-announce/2024/06/msg00017.htmlnvdMailing ListThird Party Advisory
cert-portal.siemens.com/productcert/html/ssa-265688.htmlnvd

News mentions

0

No linked articles in our index yet.

Severity

HighCVSS v3.1

7.4/ 10

Attack vector: Local
Complexity: High
Privileges: None
User interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

Probability of exploitation in the next 30 days.

0.01%

VYPR risk score

Composite of severity, exploitation, and reach.

0.48medium

cvss	0.481
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000

Weaknesses

CWE-416
Use After Free

CVE ID

CVE-2024-27052

Source code