{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-47747","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-09-30T16:00:12.960Z","datePublished":"2024-10-21T12:14:13.783Z","dateUpdated":"2025-11-03T22:21:41.323Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T09:38:59.872Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition\n\nIn the ether3_probe function, a timer is initialized with a callback\nfunction ether3_ledoff, bound to &prev(dev)->timer. Once the timer is\nstarted, there is a risk of a race condition if the module or device\nis removed, triggering the ether3_remove function to perform cleanup.\nThe sequence of operations that may lead to a UAF bug is as follows:\n\nCPU0                                    CPU1\n\n                      |  ether3_ledoff\nether3_remove         |\n  free_netdev(dev);   |\n  put_devic           |\n  kfree(dev);         |\n |  ether3_outw(priv(dev)->regs.config2 |= CFG2_CTRLO, REG_CONFIG2);\n                      | // use dev\n\nFix it by ensuring that the timer is canceled before proceeding with\nthe cleanup in ether3_remove."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/ethernet/seeq/ether3.c"],"versions":[{"version":"6fd9c53f71862a4797b7ed8a5de80e2c64829f56","lessThan":"25d559ed2beec9b34045886100dac46d1ad92eba","status":"affected","versionType":"git"},{"version":"6fd9c53f71862a4797b7ed8a5de80e2c64829f56","lessThan":"b5a84b6c772564c8359a9a0fbaeb2a2944aa1ee9","status":"affected","versionType":"git"},{"version":"6fd9c53f71862a4797b7ed8a5de80e2c64829f56","lessThan":"338a0582b28e69460df03af50e938b86b4206353","status":"affected","versionType":"git"},{"version":"6fd9c53f71862a4797b7ed8a5de80e2c64829f56","lessThan":"822c7bb1f6f8b0331e8d1927151faf8db3b33afd","status":"affected","versionType":"git"},{"version":"6fd9c53f71862a4797b7ed8a5de80e2c64829f56","lessThan":"1c57d61a43293252ad732007c7070fdb112545fd","status":"affected","versionType":"git"},{"version":"6fd9c53f71862a4797b7ed8a5de80e2c64829f56","lessThan":"d2abc379071881798d20e2ac1d332ad855ae22f3","status":"affected","versionType":"git"},{"version":"6fd9c53f71862a4797b7ed8a5de80e2c64829f56","lessThan":"516dbc6d16637430808c39568cbb6b841d32b55b","status":"affected","versionType":"git"},{"version":"6fd9c53f71862a4797b7ed8a5de80e2c64829f56","lessThan":"77a77331cef0a219b8dd91361435eeef04cb741c","status":"affected","versionType":"git"},{"version":"6fd9c53f71862a4797b7ed8a5de80e2c64829f56","lessThan":"b5109b60ee4fcb2f2bb24f589575e10cc5283ad4","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/ethernet/seeq/ether3.c"],"versions":[{"version":"4.15","status":"affected"},{"version":"0","lessThan":"4.15","status":"unaffected","versionType":"semver"},{"version":"4.19.323","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.285","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.227","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.168","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.113","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.54","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.10.13","lessThanOrEqual":"6.10.*","status":"unaffected","versionType":"semver"},{"version":"6.11.2","lessThanOrEqual":"6.11.*","status":"unaffected","versionType":"semver"},{"version":"6.12","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"4.19.323"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"5.4.285"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"5.10.227"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"5.15.168"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"6.1.113"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"6.6.54"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"6.10.13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"6.11.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"6.12"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/25d559ed2beec9b34045886100dac46d1ad92eba"},{"url":"https://git.kernel.org/stable/c/b5a84b6c772564c8359a9a0fbaeb2a2944aa1ee9"},{"url":"https://git.kernel.org/stable/c/338a0582b28e69460df03af50e938b86b4206353"},{"url":"https://git.kernel.org/stable/c/822c7bb1f6f8b0331e8d1927151faf8db3b33afd"},{"url":"https://git.kernel.org/stable/c/1c57d61a43293252ad732007c7070fdb112545fd"},{"url":"https://git.kernel.org/stable/c/d2abc379071881798d20e2ac1d332ad855ae22f3"},{"url":"https://git.kernel.org/stable/c/516dbc6d16637430808c39568cbb6b841d32b55b"},{"url":"https://git.kernel.org/stable/c/77a77331cef0a219b8dd91361435eeef04cb741c"},{"url":"https://git.kernel.org/stable/c/b5109b60ee4fcb2f2bb24f589575e10cc5283ad4"}],"title":"net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-47747","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-10-21T12:58:25.330423Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-21T13:04:13.623Z"}},{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T22:21:41.323Z"}}]}}