#VU94942 Use-after-free in Linux kernel - CVE-2024-41070
Vulnerability identifier: #VU94942
Vulnerability risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-416
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the kvm_spapr_tce_attach_iommu_group() function in arch/powerpc/kvm/book3s_64_vio.c. A local user can escalate privileges on the system.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel: All versions
External links
https://git.kernel.org/stable/c/be847bb20c809de8ac124431b556f244400b0491
https://git.kernel.org/stable/c/4cdf6926f443c84f680213c7aafbe6f91a5fcbc0
https://git.kernel.org/stable/c/b26c8c85463ef27a522d24fcd05651f0bb039e47
https://git.kernel.org/stable/c/5f856023971f97fff74cfaf21b48ec320147b50a
https://git.kernel.org/stable/c/82c7a4cf14aa866f8f7f09e662b02eddc49ee0bf
https://git.kernel.org/stable/c/9975f93c760a32453d7639cf6fcf3f73b4e71ffe
https://git.kernel.org/stable/c/a986fa57fd81a1430e00b3c6cf8a325d6f894a63
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
