CVE-2024-44998

In the Linux kernel, the following vulnerability has been resolved: atm: idt77252: prevent use after free in dequeue_rx() We can't dereference "skb" after calling vcc->push() because the skb is released.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*

History

06 Sep 2024, 16:28

Type Values Removed Values Added
CPE cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
First Time Linux linux Kernel
Linux
CWE CWE-416
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
References () https://git.kernel.org/stable/c/09e086a5f72ea27c758b3f3b419a69000c32adc1 - () https://git.kernel.org/stable/c/09e086a5f72ea27c758b3f3b419a69000c32adc1 - Patch
References () https://git.kernel.org/stable/c/1cece837e387c039225f19028df255df87a97c0d - () https://git.kernel.org/stable/c/1cece837e387c039225f19028df255df87a97c0d - Patch
References () https://git.kernel.org/stable/c/24cf390a5426aac9255205e9533cdd7b4235d518 - () https://git.kernel.org/stable/c/24cf390a5426aac9255205e9533cdd7b4235d518 - Patch
References () https://git.kernel.org/stable/c/379a6a326514a3e2f71b674091dfb0e0e7522b55 - () https://git.kernel.org/stable/c/379a6a326514a3e2f71b674091dfb0e0e7522b55 - Patch
References () https://git.kernel.org/stable/c/628ea82190a678a56d2ec38cda3addf3b3a6248d - () https://git.kernel.org/stable/c/628ea82190a678a56d2ec38cda3addf3b3a6248d - Patch
References () https://git.kernel.org/stable/c/91b4850e7165a4b7180ef1e227733bcb41ccdf10 - () https://git.kernel.org/stable/c/91b4850e7165a4b7180ef1e227733bcb41ccdf10 - Patch
References () https://git.kernel.org/stable/c/a9a18e8f770c9b0703dab93580d0b02e199a4c79 - () https://git.kernel.org/stable/c/a9a18e8f770c9b0703dab93580d0b02e199a4c79 - Patch
References () https://git.kernel.org/stable/c/ef23c18ab88e33ce000d06a5c6aad0620f219bfd - () https://git.kernel.org/stable/c/ef23c18ab88e33ce000d06a5c6aad0620f219bfd - Patch

05 Sep 2024, 12:53

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: atm: idt77252: evitar use after free en dequeue_rx() No podemos desreferenciar "skb" después de llamar a vcc->push() porque skb está liberado.

04 Sep 2024, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-04 20:15

Updated : 2024-09-06 16:28


NVD link : CVE-2024-44998

Mitre link : CVE-2024-44998

CVE.ORG link : CVE-2024-44998


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-416

Use After Free