CVE-2024-27054

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix double module refcount decrement Once the discipline is associated with the device, deleting the device takes care of decrementing the module's refcount. Doing it manually on this error path causes refcount to artificially decrease on each error while it should just stay the same.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/9fe0562179d8fa960afca0eaed6d4ba4122a3cc6
https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1a	Patch
https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06	Patch
https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5	Patch
https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37e	Patch
https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19	Patch
https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650	Patch
https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1a	Patch
https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06	Patch
https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5	Patch
https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37e	Patch
https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19	Patch
https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

No history.

Information

Published : 2024-05-01 13:15

Updated : 2025-05-02 07:15

NVD link : CVE-2024-27054

Mitre link : CVE-2024-27054

CVE.ORG link : CVE-2024-27054

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-Other

{"id": "CVE-2024-27054", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-05-01T13:15:50.270", "references": [{"url": "https://git.kernel.org/stable/c/9fe0562179d8fa960afca0eaed6d4ba4122a3cc6", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1a", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1a", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37e", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix double module refcount decrement\n\nOnce the discipline is associated with the device, deleting the device\ntakes care of decrementing the module's refcount. Doing it manually on\nthis error path causes refcount to artificially decrease on each error\nwhile it should just stay the same."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: s390/dasd: corrige la disminuci\u00f3n del doble recuento del m\u00f3dulo Una vez que la disciplina est\u00e1 asociada con el dispositivo, eliminar el dispositivo se encarga de disminuir el recuento del m\u00f3dulo. Hacerlo manualmente en esta ruta de error hace que el recuento disminuya artificialmente en cada error, mientras que deber\u00eda permanecer igual."}], "lastModified": "2025-05-02T07:15:52.860", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87053F0F-673E-4CE8-9F5D-976A9DAF6EBF", "versionEndExcluding": "5.15.153", "versionStartIncluding": "4.9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19", "versionEndExcluding": "6.1.83", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68", "versionEndExcluding": "6.6.23", "versionStartIncluding": "6.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD", "versionEndExcluding": "6.7.11", "versionStartIncluding": "6.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1", "versionEndExcluding": "6.8.2", "versionStartIncluding": "6.8"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}