7.8

CVE-2024-56603

net: af_can: do not leave a dangling sk pointer in can_create()

In the Linux kernel, the following vulnerability has been resolved:

net: af_can: do not leave a dangling sk pointer in can_create()

On error can_create() frees the allocated sk object, but sock_init_data()
has already attached it to the provided sock object. This will leave a
dangling sk pointer in the sock object and may cause use-after-free later.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 5.4.287
LinuxLinux Kernel Version >= 5.5 < 5.10.231
LinuxLinux Kernel Version >= 5.11 < 5.15.174
LinuxLinux Kernel Version >= 5.16 < 6.1.120
LinuxLinux Kernel Version >= 6.2 < 6.6.66
LinuxLinux Kernel Version >= 6.7 < 6.12.5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.13
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/1fe625f12d090d69f3f084990c7e4c1ff94bfe5f
Patch
https://git.kernel.org/stable/c/5947c9ac08f0771ea8ed64186b0d52e9029cb6c0
Patch
https://git.kernel.org/stable/c/811a7ca7320c062e15d0f5b171fe6ad8592d1434
Patch
https://git.kernel.org/stable/c/884ae8bcee749be43a071d6ed2d89058dbd2425c
Patch
https://git.kernel.org/stable/c/8df832e6b945e1ba61467d7f1c9305e314ae92fe
Patch
https://git.kernel.org/stable/c/ce39b5576785bb3e66591145aad03d66bc3e778d
Patch
https://git.kernel.org/stable/c/db207d19adbac96058685f6257720906ad41d215
Patch
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html