Vulnerability identifier: #VU98868
Vulnerability risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49889
CWE-ID: CWE-416
Exploitation vector: Local
Exploit availability: No
Vulnerable software: Linux kernel (Operating systems & Components / Operating system)
Vendor: Linux Foundation
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4_split_extents(), ext4_split_extent() and ext4_ext_handle_unwritten_extents() functions in fs/ext4/extents.c. A local user can escalate privileges on the system.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
Linux kernel: All versions
External links
https://git.kernel.org/stable/c/b0cb4561fc4284d04e69c8a66c8504928ab2484e
https://git.kernel.org/stable/c/4999fed877bb64e3e7f9ab9996de2ca983c41928
https://git.kernel.org/stable/c/2eba3b0cc5b8de624918d21f32b5b8db59a90b39
https://git.kernel.org/stable/c/34b2096380ba475771971a778a478661a791aa15
https://git.kernel.org/stable/c/8b114f2cc7dd5d36729d040b68432fbd0f0a8868
https://git.kernel.org/stable/c/d483c7cc1796bd6a80e7b3a8fd494996260f6b67
https://git.kernel.org/stable/c/4e2524ba2ca5f54bdbb9e5153bea00421ef653f5
Can this vulnerability be exploited remotely?
No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.