Use-after-free in Linux kernel

#VU98885 Use-after-free in Linux kernel

Cybersecurity Help s.r.o.

Published: 2024-10-21

Vulnerability identifier: #VU98885

Vulnerability risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-49867

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the close_ctree() function in fs/btrfs/disk-io.c. A local user can escalate privileges on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel:

External links
http://git.kernel.org/stable/c/70b60c8d9b42763d6629e44f448aa5d8ae477d61
http://git.kernel.org/stable/c/4c98fe0dfa2ae83c4631699695506d8941db4bfe
http://git.kernel.org/stable/c/9da40aea63f8769f28afb91aea0fac4cf6fbbb65
http://git.kernel.org/stable/c/ed87190e9d9c80aad220fb6b0b03a84d22e2c95b
http://git.kernel.org/stable/c/bf0de0f9a0544c11f96f93206da04ab87dcea1f4
http://git.kernel.org/stable/c/65d11eb276836d49003a8060cf31fa2284ad1047
http://git.kernel.org/stable/c/41fd1e94066a815a7ab0a7025359e9b40e4b3576

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

openEuler 22.03 LTS SP4 update for kernel

openEuler 22.03 LTS SP3 update for kernel

openEuler 22.03 LTS SP1 update for kernel

openEuler 24.03 LTS update for kernel

Use-after-free in Linux kernel btrfs