CVE-2024-49874: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-49874 is a use-after-free vulnerability discovered in the Linux kernel's I3C subsystem, specifically in the svci3cmaster driver. The vulnerability was disclosed on October 21, 2024, and affects Linux kernel versions from 6.4 up to (excluding) 6.6.55, from 6.7 up to (excluding) 6.10.14, and from 6.11 up to (excluding) 6.11.3 (NVD).

The vulnerability occurs in the svci3cmaster driver due to a race condition between work queue execution and module removal. In the svci3cmasterprobe function, master->hjwork is bound with svci3cmasterhjwork and master->ibiwork is bound with svci3cmasteribiwork. The issue arises when the module is removed, calling svci3cmasterremove, which frees master->base through i3cmasterunregister while the work queues are still active. The vulnerability has been assigned a CVSS v3.1 base score of 7.0 (HIGH) with vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The use-after-free vulnerability could potentially lead to system crashes, memory corruption, or arbitrary code execution in the context of the kernel. This could compromise the integrity and security of affected systems (NVD).

The vulnerability has been patched by ensuring that the work queue is canceled before proceeding with cleanup in svci3cmaster_remove. The fix has been implemented in multiple kernel versions through patches. Users should update their Linux kernel to the latest patched version: 6.6.55 or later for the 6.6 series, 6.10.14 or later for the 6.10 series, or 6.11.3 or later for the 6.11 series (Kernel Patch).