CVE-2024-56651

EPSS 0.05%
Veröffentlicht 27.12.2024 15:15:24
Zuletzt bearbeitet 03.11.2025 21:18:14
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

can: hi311x: hi3110_can_ist(): fix potential use-after-free

The commit a22bd630cfff ("can: hi311x: do not report txerr and rxerr
during bus-off") removed the reporting of rxerr and txerr even in case
of correct operation (i. e. not bus-off).

The error count information added to the CAN frame after netif_rx() is
a potential use after free, since there is no guarantee that the skb
is in the same state. It might be freed or reused.

Fix the issue by postponing the netif_rx() call in case of txerr and
rxerr reporting.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 4.14.291 < 4.15

Linux ≫ Linux Kernel Version >= 4.19.256 < 4.20

Linux ≫ Linux Kernel Version >= 5.4.211 < 5.5

Linux ≫ Linux Kernel Version >= 5.10.137 < 5.11

Linux ≫ Linux Kernel Version >= 5.15.61 < 5.16

Linux ≫ Linux Kernel Version >= 5.18.18 < 5.19

Linux ≫ Linux Kernel Version >= 5.19.2 < 5.20

Linux ≫ Linux Kernel Version >= 6.0 < 6.1.120

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.66

Linux ≫ Linux Kernel Version >= 6.7 < 6.12.5

Linux ≫ Linux Kernel Version6.13 Updaterc1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.146

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/1128022009444faf49359bd406cd665b177cb643

Patch

https://git.kernel.org/stable/c/4ad77eb8f2e07bcfa0e28887d3c7dbb732d92cc1

Patch

https://git.kernel.org/stable/c/9ad86d377ef4a19c75a9c639964879a5b25a433b

Patch

https://git.kernel.org/stable/c/bc30b2fe8c54694f8ae08a5b8a5d174d16d93075

Patch

https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html

https://nvd.nist.gov/vuln/detail/CVE-2024-56651

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-56651

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-56651

EUVD