Use-after-free in Linux kernel cachefiles



| Updated: 2025-05-13
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2024-40899
CWE-ID CWE-416
Exploitation vector Local
Public exploit N/A
Vulnerable software
 Linux kernel
Operating systems & Components / Operating system

Vendor Linux Foundation

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Use-after-free

EUVDB-ID: #VU94227

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-40899

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cachefiles_req_put(), cachefiles_ondemand_daemon_read() and cachefiles_ondemand_send_req() functions in fs/cachefiles/ondemand.c. A local user can escalate privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 6.1 - 6.6.34

CPE2.3 External links

https://git.kernel.org/stable/c/99e9c5bd27ddefa0f9db88625bf5e31c1e833d62
https://git.kernel.org/stable/c/a6de82765e12fb1201ab607f0d3ffe3309b30fc0
https://git.kernel.org/stable/c/1d902d9a3aa4f2a8bda698294e34be788be012fc
https://git.kernel.org/stable/c/de3e26f9e5b76fc628077578c001c4a51bf54d06
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.95
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.35


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###