#VU102025 Use-after-free in Linux kernel - CVE-2024-56633
Vulnerability identifier: #VU102025
Vulnerability risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-416
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sock_put() function in net/ipv4/tcp_bpf.c. A local user can escalate privileges on the system.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel: All versions
External links
https://git.kernel.org/stable/c/0d6cd1151e26fc7c2d5daa85e8984aaa685a1a12
https://git.kernel.org/stable/c/206d56f41a1509cadd06e2178c26cb830e45057d
https://git.kernel.org/stable/c/456f08d24afa51b5eb816c42e4ca1c44a247bd42
https://git.kernel.org/stable/c/5c9e3bb43a354a2245caebbbbb4a5b8c034fdd56
https://git.kernel.org/stable/c/905d82e6e77d16ec3e089c92b7b59a14899dfc1a
https://git.kernel.org/stable/c/ca70b8baf2bd125b2a4d96e76db79375c07d7ff2
https://git.kernel.org/stable/c/dbedc7e142df5ea238a46fdd7462c1c42cd36a10
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
