
Cloud Vulnerability DB
A community-led vulnerabilities database
A use-after-free vulnerability (CVE-2024-0562) was discovered in the Linux Kernel. The issue occurs when a disk is removed - bdi_unregister is called to stop further write-back and waits for associated delayed work to complete. However, wb_inode_writeback_end() may schedule bandwidth estimation work after this has completed, which can result in the timer attempting to access the recently freed bdi_writeback (NVD, Red Hat CVE).
The vulnerability exists in the writeback mechanism of the Linux kernel. When a disk device is removed, the bdi_unregister function is called to stop further writeback operations and wait for associated delayed work to complete. However, there is a race condition where wb_inode_writeback_end() may schedule bandwidth estimation work after the completion, leading to a use-after-free condition when the timer attempts to access the freed bdi_writeback structure. The issue was fixed by adding checks to verify if the bdi_writeback is alive before scheduling work, similar to existing writeback work scheduling checks. The fix also required changing wb->work_lock to an irqsafe lock since wb_inode_writeback_end() may be called from interrupt context (Kernel Patch).
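To make the fix pattern concrete, here is a small userspace C model of what the patch description above says: the registered bit is tested under wb->work_lock before bandwidth work is queued, and cleared under the same lock during unregister. This is an added illustration written for this page, not the kernel's code; `struct wb`, the field names and the function names are simplified stand-ins for the kernel's bdi_writeback, WB_registered, bw_dwork and work_lock.

```c
#include <stdatomic.h>
#include <stdbool.h>

/* Simplified stand-in for struct bdi_writeback; not the kernel's definition. */
struct wb {
    atomic_flag work_lock;   /* models wb->work_lock, a spinlock (irqsafe after the fix) */
    bool registered;         /* models the WB_registered state bit */
    bool bw_work_pending;    /* models bw_dwork queued on bdi_wq */
};

static void wb_lock(struct wb *wb)   { while (atomic_flag_test_and_set(&wb->work_lock)) {} }
static void wb_unlock(struct wb *wb) { atomic_flag_clear(&wb->work_lock); }

/* Pre-fix behaviour: queue bandwidth-estimation work unconditionally. */
void writeback_end_unfixed(struct wb *wb) {
    wb->bw_work_pending = true;
}

/* Fixed behaviour: test the registered bit under work_lock and queue only while alive. */
bool writeback_end_fixed(struct wb *wb) {
    bool queued = false;
    wb_lock(wb);
    if (wb->registered) {
        wb->bw_work_pending = true;
        queued = true;
    }
    wb_unlock(wb);
    return queued;
}

/* Models bdi_unregister: mark the wb dead under the lock, then flush pending work.
 * Anything queued after this point would fire against memory that is about to be freed. */
void wb_unregister(struct wb *wb) {
    wb_lock(wb);
    wb->registered = false;
    wb_unlock(wb);
    wb->bw_work_pending = false;   /* cancel_delayed_work_sync() equivalent */
}

/* Replays the race from the advisory: wb_inode_writeback_end() runs after
 * bdi_unregister() has already flushed work. Returns true if work is still
 * queued at the moment the kernel would free wb, i.e. a dangling timer. */
bool dangling_work_after_remove(bool fixed) {
    struct wb wb = { .work_lock = ATOMIC_FLAG_INIT, .registered = true };
    wb_unregister(&wb);
    if (fixed) writeback_end_fixed(&wb); else writeback_end_unfixed(&wb);
    return wb.bw_work_pending;
}
```

The model is single-threaded so the outcome is deterministic; in the kernel the same ordering arises from interrupt context, which is why the fix also had to make work_lock irqsafe.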
This use-after-free vulnerability could lead to system crashes, memory corruption, or privilege escalation. The issue has been assigned a CVSS v3.1 base score of 7.8 (High), indicating significant potential impact on system security (NVD).
The vulnerability has been fixed in Linux kernel version 6.0-rc3. Various Linux distributions have released security updates to address this issue. For example, Red Hat has released fixes for Red Hat Enterprise Linux 8.6 Extended Update Support through RHSA-2024:0412 (Red Hat Advisory). Users are advised to update their systems to the patched versions.
Source: This report was generated using AI