CVE-2024-46831

EPSS 0.02%
Veröffentlicht 27.09.2024 13:15:15
Zuletzt bearbeitet 02.10.2024 14:26:13
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

net: microchip: vcap: Fix use-after-free error in kunit test

This is a clear use-after-free error. We remove it, and rely on checking
the return code of vcap_del_rule.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.51

Linux ≫ Linux Kernel Version >= 6.7 < 6.10.10

Linux ≫ Linux Kernel Version6.11 Updaterc1

Linux ≫ Linux Kernel Version6.11 Updaterc2

Linux ≫ Linux Kernel Version6.11 Updaterc3

Linux ≫ Linux Kernel Version6.11 Updaterc4

Linux ≫ Linux Kernel Version6.11 Updaterc5

Linux ≫ Linux Kernel Version6.11 Updaterc6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.035

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/a3c1e45156ad39f225cd7ddae0f81230a3b1e657

Patch

https://git.kernel.org/stable/c/b0804c286ccfcf5f5c004d5bf8a54c0508b5e86b

Patch

https://git.kernel.org/stable/c/f7fe95f40c85311c98913fe6ae2c56adb7f767a7

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-46831

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-46831

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-46831

EUVD