CVE-2024-50073Use After Free in Linux

CWE-416Use After Free76 documents7 sources
Severity
7.8HIGHNVD
OSV8.8OSV5.5
EPSS
0.0%
top 96.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
LinuxLinux KernelDebian Linux+6 more
Timeline
PublishedOct 29
Latest updateOct 21

Description

In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux BUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm] Read of size 8 at addr ffff88815fe99c00 by task poc/3379 CPU: 0 UID: 0 PID: 3379 Comm: poc Not tainted 6.11.0+ #56 Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020 Call Trace: gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages11 packages

NVDlinux/linux_kernel6.26.6.58+3
Debianlinux/linux_kernel< 6.1.115-1+2
Ubuntulinux/linux_kernel< 5.15.0-151.161+5

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

37
OSV
linux-azure-fips vulnerabilities2025-10-21
OSV
linux-oracle-5.4 vulnerabilities2025-10-21
OSV
linux-azure, linux-azure-5.4 vulnerabilities2025-10-13
OSV
linux-azure-5.15 vulnerabilities2025-09-02
OSV
linux-azure-fips vulnerabilities2025-08-22

📋Vendor Advisories

38
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities2025-10-21
Ubuntu
Linux kernel (Oracle) vulnerabilities2025-10-21
Ubuntu
Linux kernel (Azure) vulnerabilities2025-10-13
Ubuntu
Linux kernel (Azure) vulnerabilities2025-09-02
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities2025-08-22