#VU90199 Use-after-free in Linux kernel


Published: 2024-05-31

Vulnerability identifier: #VU90199

Vulnerability risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26872

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the srpt_add_one() function in drivers/infiniband/ulp/srpt/ib_srpt.c. A local user can trigger the error to escalate privileges on the system.

Mitigation
Install the update from the vendor's website.

Vulnerable software versions

Linux kernel:


External links
http://git.kernel.org/stable/c/bdd895e0190c464f54f84579e7535d80276f0fc5
http://git.kernel.org/stable/c/6413e78086caf7bf15639923740da0d91fdfd090
http://git.kernel.org/stable/c/e362d007294955a4fb929e1c8978154a64efdcb6
http://git.kernel.org/stable/c/85570b91e4820a0db9d9432098778cafafa7d217
http://git.kernel.org/stable/c/7104a00fa37ae898a827381f1161fa3286c8b346
http://git.kernel.org/stable/c/ec77fa12da41260c6bf9e060b89234b980c5130f
http://git.kernel.org/stable/c/c21a8870c98611e8f892511825c9607f1e2cd456


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

