CVE-2024-26582

EPSS 0.02%
Veröffentlicht 21.02.2024 15:15:09
Zuletzt bearbeitet 21.11.2024 09:02:35
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

net: tls: fix use-after-free with partial reads and async decrypt

tls_decrypt_sg doesn't take a reference on the pages from clear_skb,
so the put_page() in tls_decrypt_done releases them, and we trigger
a use-after-free in process_rx_list when we try to read from the
partially-read skb.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.0 < 6.1.79

Linux ≫ Linux Kernel Version >= 6.2.0 < 6.6.18

Linux ≫ Linux Kernel Version >= 6.7.0 < 6.7.6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.021

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/20b4ed034872b4d024b26e2bc1092c3f80e5db96

Patch

https://git.kernel.org/stable/c/32b55c5ff9103b8508c1e04bfa5a08c64e7a925f

Patch

https://git.kernel.org/stable/c/754c9bab77a1b895b97bd99d754403c505bc79df

Patch

https://git.kernel.org/stable/c/d684763534b969cca1022e2a28645c7cc91f7fa5

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-26582

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-26582

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-26582

EUVD