CVE - CVE-2024-53239

CVE-ID
CVE-2024-53239	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6fire_chip_abort(). But at this moment, the card object might be still in use (as we're calling snd_card_free_when_closed()). For avoid potential UAFs, move the release of resources to the card's private_free instead of the manual call of usb6fire_chip_destroy() at the USB disconnect callback.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/0df7f4b5cc10f5adf98be0845372e9eef7bb5b09 URL:https://git.kernel.org/stable/c/0df7f4b5cc10f5adf98be0845372e9eef7bb5b09 MISC:https://git.kernel.org/stable/c/273eec23467dfbfbd0e4c10302579ba441fb1e13 URL:https://git.kernel.org/stable/c/273eec23467dfbfbd0e4c10302579ba441fb1e13 MISC:https://git.kernel.org/stable/c/57860a80f03f9dc69a34a5c37b0941ad032a0a8c URL:https://git.kernel.org/stable/c/57860a80f03f9dc69a34a5c37b0941ad032a0a8c MISC:https://git.kernel.org/stable/c/74357d0b5cd3ef544752bc9f21cbeee4902fae6c URL:https://git.kernel.org/stable/c/74357d0b5cd3ef544752bc9f21cbeee4902fae6c MISC:https://git.kernel.org/stable/c/a0810c3d6dd2d29a9b92604d682eacd2902ce947 URL:https://git.kernel.org/stable/c/a0810c3d6dd2d29a9b92604d682eacd2902ce947 MISC:https://git.kernel.org/stable/c/b754e831a94f82f2593af806741392903f359168 URL:https://git.kernel.org/stable/c/b754e831a94f82f2593af806741392903f359168 MISC:https://git.kernel.org/stable/c/b889a7d68d7e76b8795b754a75c91a2d561d5e8c URL:https://git.kernel.org/stable/c/b889a7d68d7e76b8795b754a75c91a2d561d5e8c MISC:https://git.kernel.org/stable/c/ea8cc56db659cf0ae57073e32a4735ead7bd7ee3 URL:https://git.kernel.org/stable/c/ea8cc56db659cf0ae57073e32a4735ead7bd7ee3 MISC:https://git.kernel.org/stable/c/f2d06d4e129e2508e356136f99bb20a332ff1a00 URL:https://git.kernel.org/stable/c/f2d06d4e129e2508e356136f99bb20a332ff1a00
Assigning CNA
kernel.org
Date Record Created
20241119	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20241119)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2025, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.