CVE-2024-26689: Use After Free in Linux

CWE-416: Use After Free (68 documents, 7 sources)

Severity
NVD: 7.8 HIGH
OSV scores: 7.1, 7.0, 6.5, 5.9, 5.5

EPSS
0.0% (top 98.05%)

CISA KEV
Not in KEV

Exploit
No known exploits

Timeline
Published: Apr 3
Latest update: Jan 29

Description

In the Linux kernel, the following vulnerability has been resolved: ceph: prevent use-after-free in encode_cap_msg() In fs/ceph/caps.c, in encode_cap_msg(), "use after free" error was caught by KASAN at this line - 'ceph_buffer_get(arg->xattr_buf);'. This implies before the refcount could be increment here, it was freed. In same file, in "handle_cap_grant()" refcount is decremented by this line - 'ceph_buffer_put(ci->i_xattrs.blob);'. It appears that a race occurred and resource was freed by
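A user-space model of the race described above, added here as an illustration and not code from the kernel or from the fix commit. It replays the ordering the commit message names (the inode's reference dropped by handle_cap_grant() via ceph_buffer_put() before encode_cap_msg() calls ceph_buffer_get() on the same buffer) as one explicit, single-threaded interleaving, with a `freed` flag standing in for the memory KASAN saw poisoned. The `fixed` variant takes the reference while still holding the lock that protects the field (i_ceph_lock, modelled as a plain flag); that is the general remedy for this pattern and is an assumption of the model, not a statement about what the upstream patch does. All struct and function names are simplified stand-ins.

```c
/* Added example, not kernel code: single-threaded model of the CVE-2024-26689
 * refcount race. A freed flag replaces the kfree() the kernel would do. */
#include <assert.h>
#include <stdio.h>
#include <stdlib.h>

struct ceph_buffer {
    int refcount;
    int freed;          /* 1 once the last reference was dropped */
    char data[32];
};

/* Per-inode state; i_ceph_lock is modelled as a held/not-held flag. */
struct ceph_inode {
    int lock_held;
    struct ceph_buffer *xattr_blob;
};

struct cap_msg_args {
    struct ceph_buffer *xattr_buf;  /* pointer copied from the inode */
};

static struct ceph_buffer *buffer_alloc(const char *s)
{
    struct ceph_buffer *b = calloc(1, sizeof *b);
    if (!b) { perror("calloc"); exit(1); }
    b->refcount = 1;
    snprintf(b->data, sizeof b->data, "%s", s);
    return b;
}

/* Returns 0 on success, -1 if the buffer was already freed (the UAF). */
static int buffer_get(struct ceph_buffer *b)
{
    if (b->freed)
        return -1;
    b->refcount++;
    return 0;
}

static void buffer_put(struct ceph_buffer *b)
{
    if (--b->refcount == 0)
        b->freed = 1;   /* the real kernel would free the memory here */
}

static void lock(struct ceph_inode *ci)   { assert(!ci->lock_held); ci->lock_held = 1; }
static void unlock(struct ceph_inode *ci) { assert(ci->lock_held);  ci->lock_held = 0; }

/* Path 1: prepare the cap message. The vulnerable layout only copies the
 * pointer; the fixed layout also takes a reference while the lock is held,
 * so the buffer cannot reach refcount 0 before the message is encoded. */
static void prep_cap(struct ceph_inode *ci, struct cap_msg_args *arg, int fixed)
{
    lock(ci);
    arg->xattr_buf = ci->xattr_blob;
    if (fixed)
        (void)buffer_get(arg->xattr_buf);   /* always succeeds under the lock */
    unlock(ci);
}

/* Path 2: an MDS grant swaps in a new xattr blob and drops the inode's
 * reference to the old one (the ceph_buffer_put in handle_cap_grant). */
static void handle_cap_grant(struct ceph_inode *ci, const char *new_xattrs)
{
    struct ceph_buffer *old;
    lock(ci);
    old = ci->xattr_blob;
    ci->xattr_blob = buffer_alloc(new_xattrs);
    unlock(ci);
    buffer_put(old);
}

/* Path 3: encode the message. The vulnerable layout takes its reference only
 * here, after the lock was dropped; -1 means the pointer is already stale. */
static int encode_cap_msg(struct cap_msg_args *arg, int fixed)
{
    if (!fixed && buffer_get(arg->xattr_buf) < 0)
        return -1;
    printf("encoded xattrs: %s\n", arg->xattr_buf->data);
    return 0;
}

/* Replay prep -> grant -> encode. Returns 1 when the use-after-free is hit,
 * 0 when the reference taken in prep_cap kept the buffer alive. */
int run_race(int fixed)
{
    struct ceph_inode ci = { 0, buffer_alloc("user.old=1") };
    struct cap_msg_args arg;
    int uaf;

    prep_cap(&ci, &arg, fixed);
    handle_cap_grant(&ci, "user.new=2");
    uaf = encode_cap_msg(&arg, fixed) < 0;
    if (fixed || !uaf)
        buffer_put(arg.xattr_buf);   /* balance whichever get succeeded */

    free(arg.xattr_buf);             /* release the model's real allocations */
    free(ci.xattr_blob);
    return uaf;
}

int main(void)
{
    printf("vulnerable ordering: %s\n", run_race(0) ? "use-after-free" : "ok");
    printf("fixed ordering:      %s\n", run_race(1) ? "use-after-free" : "ok");
    return 0;
}
```

The point the model makes is that a pointer copied out of a locked structure is only as good as the reference that backs it: once the lock is released, the owner may drop its reference at any time, so the reference must be taken before the lock goes, not at the later point of use.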

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (5 packages)

Source    | Package            | Affected versions
NVD       | linux/linux_kernel | 5.11 up to 5.15.149 (+5 more ranges)
Debian    | linux/linux_kernel | < 5.10.216-1 (+3 more)
Ubuntu    | linux/linux_kernel | < 5.4.0-215.235 (+9 more)
CVEListV5 | linux/linux        | from commit 9030aaf9bf0a1eee47a154c316c789e959638b0f before commit 8180d0c27b93a6eb60da1b08ea079e3926328214 (+6 more)
debian    | debian/linux       | < linux 6.1.82-1 (bookworm)

Also affects: Debian Linux 10.0

Patches

🔴 Vulnerability Details (33)

OSV: linux vulnerabilities (2026-01-29)
OSV: linux-iot vulnerabilities (2025-07-16)
OSV: Kernel Live Patch Security Notice (2025-05-29)
OSV: linux-raspi-5.4 vulnerabilities (2025-05-28)
OSV: linux-raspi vulnerabilities (2025-05-28)

📋 Vendor Advisories (33)

Ubuntu: Linux kernel vulnerabilities (2026-01-29)
Ubuntu: Linux kernel (IoT) vulnerabilities (2025-07-16)
Ubuntu: Kernel Live Patch Security Notice (2025-05-29)
Ubuntu: Linux kernel (Raspberry Pi) vulnerabilities (2025-05-28)
Ubuntu: Linux kernel (Raspberry Pi) vulnerabilities (2025-05-28)

💬 Community (1)

Bugzilla: CVE-2024-26689 kernel: ceph: prevent use-after-free in encode_cap_msg() (2024-04-03)