CVE-2024-0584

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-0584
Rejected reason: Do not use this CVE as it is duplicate of CVE-2023-6932
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

14 Feb 2024, 06:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 5.5 		v2 : unknown
v3 : unknown
CWE CWE-416
References
  • {'url': 'https://access.redhat.com/security/cve/CVE-2024-0584', 'tags': ['Third Party Advisory'], 'source': 'secalert@redhat.com'}
  • {'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=2258584', 'tags': ['Exploit', 'Issue Tracking', 'Third Party Advisory'], 'source': 'secalert@redhat.com'}
  • {'url': 'https://lore.kernel.org/netdev/170083982540.9628.4546899811301303734.git-patchwork-notify@kernel.org/T/', 'tags': ['Mailing List', 'Patch'], 'source': 'secalert@redhat.com'}
Summary
  • (es) Se encontró un problema de use after free en igmp_start_timer en net/ipv4/igmp.c en el subcomponente de red del kernel de Linux. Este fallo permite a un usuario local observar un problema de use after free cuando recibe un paquete de consulta igmp, lo que provoca una fuga de información del kernel.
Summary (en) A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak. (en) Rejected reason: Do not use this CVE as it is duplicate of CVE-2023-6932
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.7:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.7:rc3:*:*:*:*:*:*

23 Jan 2024, 20:18

Type Values Removed Values Added
CPE cpe:2.3:o:linux:linux_kernel:6.7:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.7:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*
References () https://bugzilla.redhat.com/show_bug.cgi?id=2258584 - () https://bugzilla.redhat.com/show_bug.cgi?id=2258584 - Exploit, Issue Tracking, Third Party Advisory
References () https://lore.kernel.org/netdev/170083982540.9628.4546899811301303734.git-patchwork-notify@kernel.org/T/ - () https://lore.kernel.org/netdev/170083982540.9628.4546899811301303734.git-patchwork-notify@kernel.org/T/ - Mailing List, Patch
References () https://access.redhat.com/security/cve/CVE-2024-0584 - () https://access.redhat.com/security/cve/CVE-2024-0584 - Third Party Advisory
CWE CWE-416
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5

21 Jan 2024, 10:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-01-16 14:15

Updated : 2024-02-14 06:15

NVD link : CVE-2024-0584

Mitre link : CVE-2024-0584

CVE.ORG link : CVE-2024-0584

JSON object : View

Products Affected

No product.

CWE

No CWE.