CVE-2024-56714

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ionic: no double destroy workqueue<br /> <br /> There are some FW error handling paths that can cause us to<br /> try to destroy the workqueue more than once, so let&amp;#39;s be sure<br /> we&amp;#39;re checking for that.<br /> <br /> The case where this popped up was in an AER event where the<br /> handlers got called in such a way that ionic_reset_prepare()<br /> and thus ionic_dev_teardown() got called twice in a row.<br /> The second time through the workqueue was already destroyed,<br /> and destroy_workqueue() choked on the bad wq pointer.<br /> <br /> We didn&amp;#39;t hit this in AER handler testing before because at<br /> that time we weren&amp;#39;t using a private workqueue. Later we<br /> replaced the use of the system workqueue with our own private<br /> workqueue but hadn&amp;#39;t rerun the AER handler testing since then.