CVE-2024-53206Use After Free in Linux

CWE-416Use After Free22 documents7 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 97.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
LinuxLinux KernelDebian Linux+3 more
Timeline
PublishedDec 27
Latest updateApr 28

Description

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix use-after-free of nreq in reqsk_timer_handler(). The cited commit replaced inet_csk_reqsk_queue_drop_and_put() with __inet_csk_reqsk_queue_drop() and reqsk_put() in reqsk_timer_handler(). Then, oreq should be passed to reqsk_put() instead of req; otherwise use-after-free of nreq could happen when reqsk is migrated but the retry attempt failed (e.g. due to timeout). Let's pass oreq to reqsk_put().

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages8 packages

NVDlinux/linux_kernel5.15.1705.15.174+4
Debianlinux/linux_kernel< 6.1.123-1+2
Ubuntulinux/linux_kernel< 5.15.0-135.146
CVEListV5linux/linux8459d61fbf24967839a70235165673148c7c7f172dcc86fefe09ac853158afd96b60d544af115dc5+8
debiandebian/linux< linux 6.1.123-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

10
OSV
linux-gcp-5.15 vulnerabilities2025-04-28
OSV
linux-intel-iotg-5.15 vulnerabilities2025-04-24
OSV
linux-azure-5.15, linux-azure-fde-5.15 vulnerabilities2025-04-07
OSV
linux-hwe-5.15 vulnerabilities2025-04-02
OSV
linux-realtime, linux-intel-iot-realtime vulnerabilities2025-03-28

📋Vendor Advisories

11
Ubuntu
Linux kernel (GCP) vulnerabilities2025-04-28
Ubuntu
Linux kernel (Intel IoTG) vulnerabilities2025-04-24
Ubuntu
Linux kernel (Azure) vulnerabilities2025-04-07
Ubuntu
Linux kernel (HWE) vulnerabilities2025-04-02
Ubuntu
Linux kernel (FIPS) vulnerabilities2025-03-28
CVE-2024-53206 — Use After Free in Linux | cvebase