{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-27054", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.214Z", "datePublished": "2024-05-01T12:54:49.441Z", "dateUpdated": "2025-05-02T06:14:50.168Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-02T06:14:50.168Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix double module refcount decrement\n\nOnce the discipline is associated with the device, deleting the device\ntakes care of decrementing the module's refcount. Doing it manually on\nthis error path causes refcount to artificially decrease on each error\nwhile it should just stay the same."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/s390/block/dasd.c"], "versions": [{"version": "c020d722b110a44c613ef71e657e6dd4116e09d9", "lessThan": "9fe0562179d8fa960afca0eaed6d4ba4122a3cc6", "status": "affected", "versionType": "git"}, {"version": "c020d722b110a44c613ef71e657e6dd4116e09d9", "lessThan": "edbdb0d94143db46edd373cc93e433832d29fe19", "status": "affected", "versionType": "git"}, {"version": "c020d722b110a44c613ef71e657e6dd4116e09d9", "lessThan": "ad999aa18103fa038787b6a8a55020abcf34df1a", "status": "affected", "versionType": "git"}, {"version": "c020d722b110a44c613ef71e657e6dd4116e09d9", "lessThan": "ec09bcab32fc4765e0cc97e1b72cdd067135f37e", "status": "affected", "versionType": "git"}, {"version": "c020d722b110a44c613ef71e657e6dd4116e09d9", "lessThan": "fa18aa507ea71d8914b6acb2c94db311c757c650", "status": "affected", "versionType": "git"}, {"version": "c020d722b110a44c613ef71e657e6dd4116e09d9", "lessThan": "ebc5a3bd79e54f98c885c26f0862a27a02c487c5", "status": "affected", "versionType": "git"}, {"version": "c020d722b110a44c613ef71e657e6dd4116e09d9", "lessThan": "c3116e62ddeff79cae342147753ce596f01fcf06", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/s390/block/dasd.c"], "versions": [{"version": "4.9", "status": "affected"}, {"version": "0", "lessThan": "4.9", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.237", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.153", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.83", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.23", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.11", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.2", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/9fe0562179d8fa960afca0eaed6d4ba4122a3cc6"}, {"url": "https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19"}, {"url": "https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1a"}, {"url": "https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37e"}, {"url": "https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650"}, {"url": "https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5"}, {"url": "https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06"}], "title": "s390/dasd: fix double module refcount decrement", "x_generator": {"engine": "bippy-1.1.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-noinfo Not enough information"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-06-06T18:30:31.482327Z", "id": "CVE-2024-27054", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-06T20:08:55.117Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:21:05.895Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:21:05.895Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-27054", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-06T18:30:31.482327Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-06T18:30:39.281Z"}}], "cna": {"title": "s390/dasd: fix double module refcount decrement", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "c020d722b110a44c613ef71e657e6dd4116e09d9", "lessThan": "edbdb0d94143db46edd373cc93e433832d29fe19", "versionType": "git"}, {"status": "affected", "version": "c020d722b110a44c613ef71e657e6dd4116e09d9", "lessThan": "ad999aa18103fa038787b6a8a55020abcf34df1a", "versionType": "git"}, {"status": "affected", "version": "c020d722b110a44c613ef71e657e6dd4116e09d9", "lessThan": "ec09bcab32fc4765e0cc97e1b72cdd067135f37e", "versionType": "git"}, {"status": "affected", "version": "c020d722b110a44c613ef71e657e6dd4116e09d9", "lessThan": "fa18aa507ea71d8914b6acb2c94db311c757c650", "versionType": "git"}, {"status": "affected", "version": "c020d722b110a44c613ef71e657e6dd4116e09d9", "lessThan": "ebc5a3bd79e54f98c885c26f0862a27a02c487c5", "versionType": "git"}, {"status": "affected", "version": "c020d722b110a44c613ef71e657e6dd4116e09d9", "lessThan": "c3116e62ddeff79cae342147753ce596f01fcf06", "versionType": "git"}], "programFiles": ["drivers/s390/block/dasd.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.9"}, {"status": "unaffected", "version": "0", "lessThan": "4.9", "versionType": "semver"}, {"status": "unaffected", "version": "5.15.153", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.83", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.23", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.11", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8.2", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/s390/block/dasd.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19"}, {"url": "https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1a"}, {"url": "https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37e"}, {"url": "https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650"}, {"url": "https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5"}, {"url": "https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix double module refcount decrement\n\nOnce the discipline is associated with the device, deleting the device\ntakes care of decrementing the module's refcount. Doing it manually on\nthis error path causes refcount to artificially decrease on each error\nwhile it should just stay the same."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:53:27.862Z"}}}, "cveMetadata": {"cveId": "CVE-2024-27054", "state": "PUBLISHED", "dateUpdated": "2024-12-19T08:53:27.862Z", "dateReserved": "2024-02-19T14:20:24.214Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-01T12:54:49.441Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "87053F0F-673E-4CE8-9F5D-976A9DAF6EBF", "versionEndExcluding": "5.15.153", "versionStartIncluding": "4.9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19", "versionEndExcluding": "6.1.83", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68", "versionEndExcluding": "6.6.23", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD", "versionEndExcluding": "6.7.11", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1", "versionEndExcluding": "6.8.2", "versionStartIncluding": "6.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix double module refcount decrement\n\nOnce the discipline is associated with the device, deleting the device\ntakes care of decrementing the module's refcount. Doing it manually on\nthis error path causes refcount to artificially decrease on each error\nwhile it should just stay the same."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: s390/dasd: corrige la disminuci\u00f3n del doble recuento del m\u00f3dulo Una vez que la disciplina est\u00e1 asociada con el dispositivo, eliminar el dispositivo se encarga de disminuir el recuento del m\u00f3dulo. Hacerlo manualmente en esta ruta de error hace que el recuento disminuya artificialmente en cada error, mientras que deber\u00eda permanecer igual."}], "id": "CVE-2024-27054", "lastModified": "2025-05-02T07:15:52.860", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-05-01T13:15:50.270", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9fe0562179d8fa960afca0eaed6d4ba4122a3cc6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ad999aa18103fa038787b6a8a55020abcf34df1a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c3116e62ddeff79cae342147753ce596f01fcf06"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ebc5a3bd79e54f98c885c26f0862a27a02c487c5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ec09bcab32fc4765e0cc97e1b72cdd067135f37e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/edbdb0d94143db46edd373cc93e433832d29fe19"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fa18aa507ea71d8914b6acb2c94db311c757c650"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: s390/dasd: fix double module refcount decrement", "id": "2278413", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278413"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ns390/dasd: fix double module refcount decrement\nOnce the discipline is associated with the device, deleting the device\ntakes care of decrementing the module's refcount. Doing it manually on\nthis error path causes refcount to artificially decrease on each error\nwhile it should just stay the same.", "A vulnerability was found in the dasd_generic_set_online() function in the Linux Kernel's s390 dasd.c driver, where improper reference count handling on error paths can lead to the refcount value being decreased twice, resulting in an incorrect underflow. This issue can lead to system instability."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-27054", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-27054\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-27054\nhttps://lore.kernel.org/linux-cve-announce/2024050115-CVE-2024-27054-b0ff@gregkh/T"], "statement": "Red Hat Enterprise Linux is not impacted by this CVE, as this vulnerability does not affect the specific versions or configurations of the Linux kernel used in its distributions. This ensures that users of Red Hat Enterprise Linux are not exposed to the potential risks associated with this issue, and no further action or mitigation is necessary for systems running this operating system.", "threat_severity": "Moderate"}