CVE-2024-50028

{"id": "CVE-2024-50028", "cveTags": [], "metrics": {}, "published": "2024-10-21T20:15:16.163", "references": [{"url": "https://git.kernel.org/stable/c/a42a5839f400e929c489bb1b58f54596c4535167", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c95538b286efc6109c987e97a051bc7844ede802", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Received", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: core: Reference count the zone in thermal_zone_get_by_id()\n\nThere are places in the thermal netlink code where nothing prevents\nthe thermal zone object from going away while being accessed after it\nhas been returned by thermal_zone_get_by_id().\n\nTo address this, make thermal_zone_get_by_id() get a reference on the\nthermal zone device object to be returned with the help of get_device(),\nunder thermal_list_lock, and adjust all of its callers to this change\nwith the help of the cleanup.h infrastructure."}], "lastModified": "2024-10-21T20:15:16.163", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}