Vulnerability identifier: #VU102021
Vulnerability risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID: CWE-416
Exploitation vector: Local
Exploit availability: No
Vulnerable software: Linux kernel
Vendor: Linux Foundation
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the packet_create() function in net/packet/af_packet.c. A local user can escalate privileges on the system.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
Linux kernel: All versions
External links
https://git.kernel.org/stable/c/132e615bb1d7cdec2d3cfbdec2efa630e923fd21
https://git.kernel.org/stable/c/157f08db94123e2ba56877dd0ac88908b13a5dd0
https://git.kernel.org/stable/c/1dc1e1db927056cb323296e2294a855cd003dfe7
https://git.kernel.org/stable/c/46f2a11cb82b657fd15bab1c47821b635e03838b
https://git.kernel.org/stable/c/71b22837a5e55ac27d6a14b9cdf2326587405c4f
https://git.kernel.org/stable/c/a6cf750b737374454a4e03a5ed449a3eb0c96414
https://git.kernel.org/stable/c/fd09880b16d33aa5a7420578e01cd79148fa9829
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.