Security Advisory

CVE-2024-50051

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-11 12:25:20

Last updated 2025-11-03 20:43:19

Assigner Linux

State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: Add cancel_work_sync before module remove If we remove the module which will call mpc52xx_spi_remove it will free ms through spi_unregister_controller. while the work ms->work will be used. The sequence of operations that may lead to a UAF bug. Fix it by ensuring that the work is canceled before proceeding with the cleanup in mpc52xx_spi_remove.

← Browse all CVEs View on cve.org ↗