CVE-2024-26625: Use After Free in Linux

CWE-416 (Use After Free) | 49 documents | 8 sources
Severity
NVD: 7.8 HIGH
OSV: 8.8, 8.5, 7.5, 6.5, 5.5
EPSS
0.0% (top 98.75%)
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Mar 6
Latest update: Jan 26

Description

In the Linux kernel, the following vulnerability has been resolved:

llc: call sock_orphan() at release time

syzbot reported an interesting trace [1] caused by a stale sk->sk_wq pointer in a closed llc socket.

In commit ff7b11aa481f ("net: socket: set sock->sk to NULL after calling proto_ops::release()") Eric Biggers hinted that some protocols are missing a sock_orphan(), we need to perform a full audit.

In net-next, I plan to clear sock->sk from sock_orphan() and amend Eric's patch to add a wa
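The description above says the crash comes from a stale sk->sk_wq pointer: llc's release path tore down the struct socket (which owns the wait queue) while the struct sock outlived it and kept pointing back at that freed wait queue, and sock_orphan() is the call that severs those back-pointers. The following is an added userspace model of that lifetime bug and of the fix; it is not kernel code and not the patch itself. The struct layouts, the poison marker, the function names model_sock_orphan, model_release and run_release, and the "pending timer keeps the sock alive" scenario are all simplifications chosen for illustration; only the fact that sock_orphan() marks the sock dead and clears sk->sk_socket and sk->sk_wq mirrors the kernel.

```c
/* Model of the llc release-path use-after-free: struct socket (and its
 * wait queue) is destroyed at release, but struct sock survives because
 * something else (here: a pending timer) still references it. Without
 * sock_orphan(), sk->sk_wq keeps pointing into the destroyed socket.
 * Added example, not kernel code; layouts are illustrative.
 */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define WQ_LIVE 0x4C495645u   /* "LIVE": wait queue is valid */
#define WQ_DEAD 0xDEADBEEFu   /* poison written when the socket is torn down */

struct socket_wq {
    unsigned int magic;
    int waiters;
};

struct socket;

struct sock {
    int dead;                  /* models the SOCK_DEAD flag */
    struct socket *sk_socket;  /* back-pointer to the owning struct socket */
    struct socket_wq *sk_wq;   /* back-pointer to that socket's wait queue */
};

struct socket {
    struct socket_wq wq;       /* owned by struct socket, dies with it */
    struct sock *sk;
};

/* What the kernel's sock_orphan() does to the sock: mark it dead and
 * clear both back-pointers so no later wakeup can reach the socket. */
static void model_sock_orphan(struct sock *sk)
{
    sk->dead = 1;
    sk->sk_socket = NULL;
    sk->sk_wq = NULL;
}

/* Teardown of struct socket. A real kernel would free the memory; the
 * model poisons it instead so the stale access is detected rather than
 * faulting (assumption made for a deterministic demonstration). */
static void socket_destroy(struct socket *sock)
{
    sock->wq.magic = WQ_DEAD;
    sock->sk = NULL;
}

/* A wakeup arriving after release (timer, incoming PDU).
 * Returns -1 if the sock has no wait queue to wake (it was orphaned),
 *          0 if it woke a live wait queue,
 *          1 if it dereferenced a destroyed wait queue: the bug. */
static int sk_wake(struct sock *sk)
{
    struct socket_wq *wq = sk->sk_wq;
    if (wq == NULL)
        return -1;
    if (wq->magic != WQ_LIVE)
        return 1;
    wq->waiters = 0;
    return 0;
}

/* release() as it behaved before the fix (orphan == 0) and with the
 * sock_orphan() call the patch adds (orphan == 1). The sock is not
 * freed here: the model assumes another reference keeps it alive. */
static int model_release(struct socket *sock, int orphan)
{
    struct sock *sk = sock->sk;
    if (orphan)
        model_sock_orphan(sk);
    socket_destroy(sock);
    return sk_wake(sk);        /* the deferred event fires later */
}

/* Set up a connected socket/sock pair and release it. */
int run_release(int orphan)
{
    struct socket sock;
    struct sock sk;
    memset(&sock, 0, sizeof(sock));
    memset(&sk, 0, sizeof(sk));
    sock.wq.magic = WQ_LIVE;
    sock.wq.waiters = 1;
    sock.sk = &sk;
    sk.sk_socket = &sock;
    sk.sk_wq = &sock.wq;
    return model_release(&sock, orphan);
}

int main(void)
{
    printf("without sock_orphan(): %d (1 = stale wait queue touched)\n",
           run_release(0));
    printf("with    sock_orphan(): %d (-1 = nothing to wake)\n",
           run_release(1));
    return 0;
}
```

The point the model makes is that the fix is not about freeing less or later: the struct socket still goes away at release, but after sock_orphan() every path that starts from the surviving sock finds NULL instead of a pointer into freed memory. When auditing another protocol's release handler for the same class of bug, the check is whether sock_orphan() runs before the socket is torn down on every exit path, including error and already-closed paths.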

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (6 packages)

Debian: debian/linux < linux 6.1.82-1 (bookworm)
NVD: linux/linux_kernel 2.6.35 to 4.19.307 (+7 more ranges)
Debian: linux/linux_kernel < 5.10.216-1 (+3 more)
Ubuntu: linux/linux_kernel < 5.4.0-181.201 (+3 more)
CVEListV5: linux/linux 43815482370c510c569fd18edb57afcb0fa8cab6, 6b950c712a9a05cdda4aea7fcb2848766576c11b (+8 more)

Also affects: Debian Linux 10.0

Patches

🔴 Vulnerability Details (24)

OSV: git-lfs vulnerabilities (2026-01-26)
OSV: linux-azure, linux-azure-4.15 vulnerabilities (2025-01-09)
OSV: linux, linux-lts-xenial vulnerabilities (2025-01-06)
OSV: linux-aws, linux-kvm vulnerabilities (2025-01-06)
OSV: linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities (2025-01-06)

📋 Vendor Advisories (23)

CISA ICS: Siemens SINEC OS (2025-08-14)
Ubuntu: Linux kernel (Azure) vulnerabilities (2025-01-09)
Ubuntu: Linux kernel vulnerabilities (2025-01-06)
Ubuntu: Linux kernel vulnerabilities (2025-01-06)
Ubuntu: Linux kernel vulnerabilities (2025-01-06)

💬 Community (1)

Bugzilla: CVE-2024-26625 kernel: llc: call sock_orphan() at release time (2024-03-06)