Use-After-Free Vulnerability in Linux Kernel's SCSI UFS Driver
CVE-2024-54458

7.8 HIGH

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 27 February 2025

What is CVE-2024-54458?

In the Linux kernel's SCSI UFS driver, bsg_queue is not set to NULL after it is removed. This is currently harmless, but the stale pointer could lead to a use-after-free access, causing instability or unintended behavior in the kernel. The fix sets bsg_queue to NULL after removal.

Affected Version(s)

Linux df032bf27a414acf61c957ec2fad22a57d903b39

Linux df032bf27a414acf61c957ec2fad22a57d903b39 < 22018622e1e9e371198dbd983af946a844d5924c

Linux df032bf27a414acf61c957ec2fad22a57d903b39 < 5e7b6e44468c3242c21c2a8656d009fb3eb50a73

CVSS V3.1

Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved