Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-1pnf-prn5-2fhq
Vulnerability ID VCID-1pnf-prn5-2fhq
Aliases CVE-2024-35887
Summary In the Linux kernel, the following vulnerability has been resolved: ax25: fix use-after-free bugs caused by ax25_ds_del_timer When the ax25 device is detaching, the ax25_dev_device_down() calls ax25_ds_del_timer() to cleanup the slave_timer. When the timer handler is running, the ax25_ds_del_timer() that calls del_timer() in it will return directly. As a result, the use-after-free bugs could happen, one of the scenarios is shown below: (Thread 1) | (Thread 2) | ax25_ds_timeout() ax25_dev_device_down() | ax25_ds_del_timer() | del_timer() | ax25_dev_put() //FREE | | ax25_dev-> //USE In order to mitigate bugs, when the device is detaching, use timer_shutdown_sync() to stop the timer.
Status Published
Exploitability 0.5
Weighted Severity 5.0
Risk 2.5
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
cvssv3 5.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35887.json
epss 0.00019 https://api.first.org/data/v1/epss?cve=CVE-2024-35887
epss 0.00019 https://api.first.org/data/v1/epss?cve=CVE-2024-35887
epss 0.00019 https://api.first.org/data/v1/epss?cve=CVE-2024-35887
cvssv3.1 5.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc Track https://git.kernel.org/stable/c/74204bf9050f7627aead9875fe4e07ba125cb19b
ssvc Track https://git.kernel.org/stable/c/c6a368f9c7af4c14b14d390c2543af8001c9bdb9
ssvc Track https://git.kernel.org/stable/c/fd819ad3ecf6f3c232a06b27423ce9ed8c20da89
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35887.json
https://api.first.org/data/v1/epss?cve=CVE-2024-35887
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35887
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2281695 https://bugzilla.redhat.com/show_bug.cgi?id=2281695
74204bf9050f7627aead9875fe4e07ba125cb19b https://git.kernel.org/stable/c/74204bf9050f7627aead9875fe4e07ba125cb19b
c6a368f9c7af4c14b14d390c2543af8001c9bdb9 https://git.kernel.org/stable/c/c6a368f9c7af4c14b14d390c2543af8001c9bdb9
fd819ad3ecf6f3c232a06b27423ce9ed8c20da89 https://git.kernel.org/stable/c/fd819ad3ecf6f3c232a06b27423ce9ed8c20da89
USN-6893-1 https://usn.ubuntu.com/6893-1/
USN-6893-2 https://usn.ubuntu.com/6893-2/
USN-6893-3 https://usn.ubuntu.com/6893-3/
USN-6918-1 https://usn.ubuntu.com/6918-1/
USN-7288-1 https://usn.ubuntu.com/7288-1/
USN-7288-2 https://usn.ubuntu.com/7288-2/
USN-7289-1 https://usn.ubuntu.com/7289-1/
USN-7289-2 https://usn.ubuntu.com/7289-2/
USN-7289-3 https://usn.ubuntu.com/7289-3/
USN-7289-4 https://usn.ubuntu.com/7289-4/
USN-7291-1 https://usn.ubuntu.com/7291-1/
USN-7293-1 https://usn.ubuntu.com/7293-1/
USN-7294-1 https://usn.ubuntu.com/7294-1/
USN-7294-2 https://usn.ubuntu.com/7294-2/
USN-7294-3 https://usn.ubuntu.com/7294-3/
USN-7294-4 https://usn.ubuntu.com/7294-4/
USN-7295-1 https://usn.ubuntu.com/7295-1/
USN-7305-1 https://usn.ubuntu.com/7305-1/
USN-7308-1 https://usn.ubuntu.com/7308-1/
USN-7331-1 https://usn.ubuntu.com/7331-1/
USN-7388-1 https://usn.ubuntu.com/7388-1/
USN-7389-1 https://usn.ubuntu.com/7389-1/
USN-7390-1 https://usn.ubuntu.com/7390-1/
USN-7393-1 https://usn.ubuntu.com/7393-1/
USN-7401-1 https://usn.ubuntu.com/7401-1/
USN-7413-1 https://usn.ubuntu.com/7413-1/
USN-7458-1 https://usn.ubuntu.com/7458-1/
USN-7539-1 https://usn.ubuntu.com/7539-1/
USN-7540-1 https://usn.ubuntu.com/7540-1/
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35887.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T18:31:26Z/ Found at https://git.kernel.org/stable/c/74204bf9050f7627aead9875fe4e07ba125cb19b
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T18:31:26Z/ Found at https://git.kernel.org/stable/c/c6a368f9c7af4c14b14d390c2543af8001c9bdb9
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T18:31:26Z/ Found at https://git.kernel.org/stable/c/fd819ad3ecf6f3c232a06b27423ce9ed8c20da89
Exploit Prediction Scoring System (EPSS)
Percentile 0.05259
EPSS Score 0.00019
Published At June 5, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T16:50:29.615521+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0