Vulnerability identifier: #VU90163
Vulnerability risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35855
CWE-ID: CWE-416
Exploitation vector: Local
Exploit availability: No
Vulnerable software: Linux kernel (Operating systems & Components / Operating system)
Vendor: Linux Foundation
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlxsw_sp_acl_tcam_ventry_activity_get() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
Linux kernel: All versions
External links
https://git.kernel.org/stable/c/1b73f6e4ea770410a937a8db98f77e52594d23a0
https://git.kernel.org/stable/c/e24d2487424779c02760ff50cd9021b8676e19ef
https://git.kernel.org/stable/c/c17976b42d546ee118ca300db559630ee96fb758
https://git.kernel.org/stable/c/b996e8699da810e4c915841d6aaef761007f933a
https://git.kernel.org/stable/c/feabdac2057e863d0e140a2adf3d232eb4882db4
https://git.kernel.org/stable/c/b183b915beef818a25e3154d719ca015a1ae0770
https://git.kernel.org/stable/c/79b5b4b18bc85b19d3a518483f9abbbe6d7b3ba4
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited only locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of any malware exploiting this vulnerability.