CVE-2024-45007

char: xillybus: Don't destroy workqueue from work item running on it

Description

In the Linux kernel, the following vulnerability has been resolved: char: xillybus: Don't destroy workqueue from work item running on it Triggered by a kref decrement, destroy_workqueue() may be called from within a work item for destroying its own workqueue. This illegal situation is averted by adding a module-global workqueue for exclusive use of the offending work item. Other work items continue to be queued on per-device workqueues to ensure performance.

N/A
CVSS
Severity:
EPSS 0.13%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/409b495f8e3300d5fba08bc817fa8825dae48cc9
https://git.kernel.org/stable/c/5d3567caff2a1d678aa40cc74a54e1318941fad3
https://git.kernel.org/stable/c/a7ad105b12256ec7fb6d6d1a0e2e60f00b7da157
https://git.kernel.org/stable/c/aa1a19724fa2c31e97a9be48baedd4692b265157
https://git.kernel.org/stable/c/ccbde4b128ef9c73d14d0d7817d68ef795f6d131

Frequently Asked Questions

What is the severity of CVE-2024-45007?
CVE-2024-45007 has not yet been assigned a CVSS score.
How to fix CVE-2024-45007?
To fix CVE-2024-45007, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-45007 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-45007 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-45007?
CVE-2024-45007 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.