CVE-2024-46845: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-46845 affects the Linux kernel's timerlat tracer functionality. The vulnerability was discovered in September 2024 and impacts Linux kernel versions from 6.5 up to (excluding) 6.6.51, from 6.7 up to (excluding) 6.10.10, and version 6.11 release candidates (rc1-rc6). The issue occurs in the tracing/timerlat subsystem where a use-after-free bug can be triggered when handling thread shutdowns (NVD).

The vulnerability exists in the timerlat tracer's handling of user space threads that check for osnoise and timer latency. When a program is terminated via SIGTERM, the threads are shut down sequentially. During this process, if another tracing instance starts up and resets the threads before they are fully closed, it causes the hrtimer assigned to the kthread to be shutdown and freed twice when the dying thread finally closes the file descriptors. This results in a use-after-free vulnerability. The issue has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability could allow a local attacker with low privileges to potentially achieve high impacts on confidentiality, integrity, and availability of the system through the use-after-free condition. This could lead to system crashes, information disclosure, or potential privilege escalation (NVD).

The vulnerability has been fixed in the Linux kernel through a patch that ensures the hrtimer is only cancelled if the associated thread still exists. The fix also adds proper synchronization using interfacelock around the resetting of the tlatvar->kthread. System administrators should update to patched kernel versions. This is considered a quick fix, with a more comprehensive solution planned to improve synchronization between thread shutdown and startup processes (Kernel Patch).