#VU102017 Use-after-free in Linux kernel - CVE-2024-56602

Vulnerability identifier: #VU102017

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56602

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ieee802154_create() function in net/ieee802154/socket.c. A local user can escalate privileges on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions

---

External links
https://git.kernel.org/stable/c/03caa9bfb9fde97fb53d33decd7364514e6825cb
https://git.kernel.org/stable/c/14959fd7538b3be6d7617d9e60e404d6a8d4fd1f
https://git.kernel.org/stable/c/1d5fe782c0ff068d80933f9cfd0fd39d5434bbc9
https://git.kernel.org/stable/c/2b46994a6e76c8cc5556772932b9b60d03a55cd8
https://git.kernel.org/stable/c/b4982fbf13042e3bb33e04eddfea8b1506b5ea65
https://git.kernel.org/stable/c/b4fcd63f6ef79c73cafae8cf4a114def5fc3d80d
https://git.kernel.org/stable/c/e8bd6c5f5dc2234b4ea714380aedeea12a781754

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.