#VU104958 Use-after-free in Linux kernel - CVE-2024-58013

Cybersecurity Help s.r.o.

Published: 2025-02-27 | Updated: 2025-05-11

Vulnerability identifier: #VU104958

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-58013

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mgmt_remove_adv_monitor_complete() function in net/bluetooth/mgmt.c. A local user can escalate privileges on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: 6.12, 6.12.1, 6.12.2, 6.12.3, 6.12.4, 6.12.5, 6.12.6, 6.12.7, 6.12.8, 6.12.9, 6.12.10, 6.12.11, 6.12.12, 6.12.13

External links
https://git.kernel.org/stable/c/0f3d05aacbfcf3584bbd9caaee34cb02508dab68
https://git.kernel.org/stable/c/26fbd3494a7dd26269cb0817c289267dbcfdec06
https://git.kernel.org/stable/c/4ebbcb9bc794e5be647ee28fdf14eb1ae0659405
https://git.kernel.org/stable/c/75e65b983c5e2ee51962bfada98a79d805f28827
https://git.kernel.org/stable/c/ebb90f23f0ac21044aacf4c61cc5d7841fe99987
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12.14

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Ubuntu update for linux-lowlatency

Ubuntu update for linux-aws

Ubuntu update for linux

openEuler 24.03 LTS SP1 update for kernel

openEuler 24.03 LTS update for kernel

SUSE update for the Linux Kernel