{"vulnerability": "CVE-2024-50061", "sightings": [{"uuid": "3715dbfc-a189-4c0c-a217-44a326d4334f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50061", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4893", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-50061\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition\n\nIn the cdns_i3c_master_probe function, &master->hj_work is bound with\ncdns_i3c_master_hj. And cdns_i3c_master_interrupt can call\ncnds_i3c_master_demux_ibis function to start the work.\n\nIf we remove the module which will call cdns_i3c_master_remove to\nmake cleanup, it will free master->base through i3c_master_unregister\nwhile the work mentioned above will be used. The sequence of operations\nthat may lead to a UAF bug is as follows:\n\nCPU0                                      CPU1\n\n                                     | cdns_i3c_master_hj\ncdns_i3c_master_remove               |\ni3c_master_unregister(&master->base) |\ndevice_unregister(&master->dev)      |\ndevice_release                       |\n//free master->base                  |\n                                     | i3c_master_do_daa(&master->base)\n                                     | //use master->base\n\nFix it by ensuring that the work is canceled before proceeding with\nthe cleanup in cdns_i3c_master_remove.\n\ud83d\udccf Published: 2024-10-21T19:39:50.415Z\n\ud83d\udccf Modified: 2025-02-21T13:45:14.131Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/2a21bad9964c91b34d65ba269914233720c0b1ce\n2. https://git.kernel.org/stable/c/ea0256e393e0072e8c80fd941547807f0c28108b\n3. 
https://git.kernel.org/stable/c/687016d6a1efbfacdd2af913e2108de6b75a28d5\n4. https://git.kernel.org/stable/c/609366e7a06d035990df78f1562291c3bf0d4a12", "creation_timestamp": "2025-02-21T14:18:31.000000Z"}, {"uuid": "a5fa6954-788a-442e-a05c-d8bbe219bdbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50061", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "0f675908-2775-424f-8168-0ba56ab4901b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50061", "type": "seen", "source": "https://t.me/cvedetector/8549", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50061 - Linux i3c: Master: cdns: Use After Free Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50061 \nPublished : Oct. 21, 2024, 8:15 p.m. | 16\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ni3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition  \n  \nIn the cdns_i3c_master_probe function, &master->hj_work is bound with  \ncdns_i3c_master_hj. And cdns_i3c_master_interrupt can call  \ncnds_i3c_master_demux_ibis function to start the work.  \n  \nIf we remove the module which will call cdns_i3c_master_remove to  \nmake cleanup, it will free master->base through i3c_master_unregister  \nwhile the work mentioned above will be used. 
The sequence of operations  \nthat may lead to a UAF bug is as follows:  \n  \nCPU0                                      CPU1  \n  \n                                     | cdns_i3c_master_hj  \ncdns_i3c_master_remove               |  \ni3c_master_unregister(&master->base) |  \ndevice_unregister(&master->dev)      |  \ndevice_release                       |  \n//free master->base                  |  \n                                     | i3c_master_do_daa(&master->base)  \n                                     | //use master->base  \n  \nFix it by ensuring that the work is canceled before proceeding with  \nthe cleanup in cdns_i3c_master_remove. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T22:42:56.000000Z"}]}