#VU96838 Use-after-free in Linux kernel - CVE-2024-44986

Vulnerability identifier: #VU96838

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44986

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ip6_finish_output2() function in net/ipv6/ip6_output.c. A local user can escalate privileges on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions

---

External links
https://git.kernel.org/stable/c/e891b36de161fcd96f12ff83667473e5067b9037
https://git.kernel.org/stable/c/3574d28caf9a09756ae87ad1ea096c6f47b6101e
https://git.kernel.org/stable/c/6ab6bf731354a6fdbaa617d1ec194960db61cf3b
https://git.kernel.org/stable/c/56efc253196751ece1fc535a5b582be127b0578a
https://git.kernel.org/stable/c/da273b377ae0d9bd255281ed3c2adb228321687b

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.