Use-after-free in Linux kernel ipv4



| Updated: 2025-05-14
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2024-26865
CWE-ID CWE-416
Exploitation vector Local
Public exploit N/A
Vulnerable software
 Linux kernel
Operating systems & Components / Operating system

Vendor Linux Foundation

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Use-after-free

EUVDB-ID: #VU90195

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26865

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcp_twsk_purge() function in net/ipv4/tcp_minisocks.c. A local user can escalate privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 6.1 - 6.8.1

CPE2.3 External links

https://git.kernel.org/stable/c/9905a157048f441f1412e7bd13372f4a971d75c6
https://git.kernel.org/stable/c/f901ee07853ce97e9f1104c7c898fbbe447f0279
https://git.kernel.org/stable/c/9ceac040506a05a30b104b2aa2e9146810704500
https://git.kernel.org/stable/c/1e9fd5cf8d7f487332560f7bb312fc7d416817f3
https://git.kernel.org/stable/c/2a750d6a5b365265dbda33330a6188547ddb5c24
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.83
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.23
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7.11
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.2


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###