CVE-2024-41070Use After Free in Linux

CWE-416Use After Free53 documents8 sources
Severity
7.8HIGHNVD
OSV8.8OSV7.1OSV5.5
EPSS
0.0%
top 95.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
LinuxLinux KernelDebian Linux+9 more
Timeline
PublishedJul 29
Latest updateAug 14

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() Al reported a possible use-after-free (UAF) in kvm_spapr_tce_attach_iommu_group(). It looks up `stt` from tablefd, but then continues to use it after doing fdput() on the returned fd. After the fdput() the tablefd is free to be closed by another thread. The close calls kvm_spapr_tce_release() and then release_spapr_tce_table() (via call_rcu()) which frees

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages14 packages

NVDlinux/linux_kernel5.55.10.223+5
Debianlinux/linux_kernel< 5.10.223-1+3
Ubuntulinux/linux_kernel< 5.4.0-200.220+3

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

25
OSV
linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips vulnerabilities2025-07-08
OSV
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities2025-07-08
OSV
linux-azure-5.15 vulnerabilities2025-01-09
OSV
linux-gkeop vulnerabilities2024-12-12
OSV
linux-intel-iotg, linux-intel-iotg-5.15 vulnerabilities2024-12-09

📋Vendor Advisories

27
CISA ICS
Siemens Third-Party Components in SINEC OS2025-08-14
Ubuntu
Linux kernel vulnerabilities2025-07-08
Ubuntu
Linux kernel (FIPS) vulnerabilities2025-07-08
Ubuntu
Linux kernel (Azure) vulnerabilities2025-01-09
Ubuntu
Linux kernel (GKE) vulnerabilities2024-12-12