7.8
CVE-2024-46831
- EPSS 0.24%
- Veröffentlicht 27.09.2024 13:15:15
- Zuletzt bearbeitet 02.10.2024 14:26:13
- CVE-Watchlists
- Unerledigt
net: microchip: vcap: Fix use-after-free error in kunit test
In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap: Fix use-after-free error in kunit test This is a clear use-after-free error. We remove it, and rely on checking the return code of vcap_del_rule.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.51
Linux ≫ Linux Kernel Version >= 6.7 < 6.10.10
Linux ≫ Linux Kernel Version6.11 Updaterc1
Linux ≫ Linux Kernel Version6.11 Updaterc2
Linux ≫ Linux Kernel Version6.11 Updaterc3
Linux ≫ Linux Kernel Version6.11 Updaterc4
Linux ≫ Linux Kernel Version6.11 Updaterc5
Linux ≫ Linux Kernel Version6.11 Updaterc6
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.147 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://git.kernel.org/stable/c/a3c1e45156ad39f225cd7ddae0f81230a3b1e657
https://git.kernel.org/stable/c/b0804c286ccfcf5f5c004d5bf8a54c0508b5e86b
https://git.kernel.org/stable/c/f7fe95f40c85311c98913fe6ae2c56adb7f767a7