#VU98891 Use-after-free in Linux kernel - CVE-2024-49852
Vulnerability identifier: #VU98891
Vulnerability risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-416
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the efc_nport_vport_del() function in drivers/scsi/elx/libefc/efc_nport.c. A local user can escalate privileges on the system.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel: All versions
External links
https://git.kernel.org/stable/c/16a570f07d870a285b0c0b0d1ca4dff79e8aa5ff
https://git.kernel.org/stable/c/abc71e89170ed32ecf0a5a29f31aa711e143e941
https://git.kernel.org/stable/c/baeb8628ab7f4577740f00e439d3fdf7c876b0ff
https://git.kernel.org/stable/c/7c2908985e4ae0ea1b526b3916de9e5351650908
https://git.kernel.org/stable/c/98752fcd076a8cbc978016eae7125b4971be1eec
https://git.kernel.org/stable/c/2e4b02fad094976763af08fec2c620f4f8edd9ae
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
