{"id":"CVE-2024-50127","summary":"net: sched: fix use-after-free in taprio_change()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: fix use-after-free in taprio_change()\n\nIn 'taprio_change()', 'admin' pointer may become dangling due to sched\nswitch / removal caused by 'advance_sched()', and critical section\nprotected by 'q-\u003ecurrent_entry_lock' is too small to prevent from such\na scenario (which causes use-after-free detected by KASAN). Fix this\nby prefer 'rcu_replace_pointer()' over 'rcu_assign_pointer()' to update\n'admin' immediately before an attempt to schedule freeing.","modified":"2026-04-16T04:31:31.539816098Z","published":"2024-11-05T17:10:54.385Z","related":["SUSE-SU-2024:4313-1","SUSE-SU-2024:4314-1","SUSE-SU-2024:4315-1","SUSE-SU-2024:4316-1","SUSE-SU-2024:4317-1","SUSE-SU-2024:4318-1","SUSE-SU-2024:4345-1","SUSE-SU-2024:4346-1","SUSE-SU-2024:4364-1","SUSE-SU-2024:4376-1","SUSE-SU-2024:4387-1","SUSE-SU-2024:4388-1","SUSE-SU-2025:02069-1","SUSE-SU-2025:02070-1","SUSE-SU-2025:02071-1","SUSE-SU-2025:02076-1","SUSE-SU-2025:02077-1","SUSE-SU-2025:02106-1","SUSE-SU-2025:02107-1","SUSE-SU-2025:02110-1","SUSE-SU-2025:02111-1","SUSE-SU-2025:02113-1","SUSE-SU-2025:02116-1","SUSE-SU-2025:02117-1","SUSE-SU-2025:02124-1","SUSE-SU-2025:02125-1","SUSE-SU-2025:02126-1","SUSE-SU-2025:02127-1","SUSE-SU-2025:02134-1","SUSE-SU-2025:02136-1","SUSE-SU-2025:02139-1","SUSE-SU-2025:02140-1","SUSE-SU-2025:02142-1","SUSE-SU-2025:02144-1","SUSE-SU-2025:02154-1","SUSE-SU-2025:02157-1","SUSE-SU-2025:02162-1","SUSE-SU-2025:02171-1","SUSE-SU-2025:20163-1","SUSE-SU-2025:20164-1","SUSE-SU-2025:20246-1","SUSE-SU-2025:20247-1","SUSE-SU-2025:20431-1","SUSE-SU-2025:20435-1","SUSE-SU-2025:20436-1","SUSE-SU-2025:20437-1","SUSE-SU-2025:20448-1","SUSE-SU-2025:20450-1","USN-7276-1","USN-7277-1","openSUSE-SU-2024:14500-1","openSUSE-SU-2025:14705-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50127.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0d4c0d2844e4eac3aed647f948fd7e60eea56a61"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2240f9376f20f8b6463232b4ca7292569217237f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2f868ce6013548a713c431c679ef73747a66fcf3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8a283a19026aaae8a773fd8061263cfa315b127f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/999612996df28d81f163dad530d7f8026e03aec6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f504465970aebb2467da548f7c1efbbf36d0f44b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fe371f084073e8672a2d7d46b335c3c060d1e301"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50127.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50127"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"a3d43c0d56f1b94e74963a2fbadfb70126d92213"},{"fixed":"2f868ce6013548a713c431c679ef73747a66fcf3"},{"fixed":"8a283a19026aaae8a773fd8061263cfa315b127f"},{"fixed":"999612996df28d81f163dad530d7f8026e03aec6"},{"fixed":"fe371f084073e8672a2d7d46b335c3c060d1e301"},{"fixed":"0d4c0d2844e4eac3aed647f948fd7e60eea56a61"},{"fixed":"2240f9376f20f8b6463232b4ca7292569217237f"},{"fixed":"f504465970aebb2467da548f7c1efbbf36d0f44b"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-50127.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}