#VU102023 Use-after-free in Linux kernel - CVE-2024-56623
Vulnerability identifier: #VU102023
Vulnerability risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-416
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qla2x00_do_dpc() function in drivers/scsi/qla2xxx/qla_os.c. A local user can escalate privileges on the system.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel: All versions
External links
https://git.kernel.org/stable/c/07c903db0a2ff84b68efa1a74a4de353ea591eb0
https://git.kernel.org/stable/c/12f04fc8580eafb0510f805749553eb6213f323e
https://git.kernel.org/stable/c/15369e774f27ec790f207de87c0b541e3f90b22d
https://git.kernel.org/stable/c/6abf16d3c915b2feb68c1c8b25fcb71b13f98478
https://git.kernel.org/stable/c/b3e6f25176f248762a24d25ab8cf8c5e90874f80
https://git.kernel.org/stable/c/ca36d9d53745d5ec8946ef85006d4da605ea7c54
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
