#VU89002 Use-after-free in Linux kernel - CVE-2024-26582

Cybersecurity Help s.r.o.

Published: 2024-04-25

Vulnerability identifier: #VU89002

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-26582

CWE-ID: CWE-416

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error in net/tls/tls_sw.c during partial reads and async decrypt. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Linux kernel: before 6.1.79, 6.1.79

External links
https://git.kernel.org/stable/c/32b55c5ff9103b8508c1e04bfa5a08c64e7a925f
https://git.kernel.org/stable/c/20b4ed034872b4d024b26e2bc1092c3f80e5db96
https://git.kernel.org/stable/c/d684763534b969cca1022e2a28645c7cc91f7fa5
https://git.kernel.org/stable/c/754c9bab77a1b895b97bd99d754403c505bc79df

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Amazon Linux AMI update for kernel

Multiple vulnerabilities in IBM Storage Scale System

Ubuntu update for linux-hwe-6.5

Ubuntu update for linux-nvidia-6.5

Ubuntu update for linux-laptop

Ubuntu update for linux-oem-6.5

Debian update for linux

Red Hat Enterprise Linux 9 update for kernel

Red Hat Enterprise Linux 9.2 Extended Update Support update for kernel

Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.15