#VU102912 Use-after-free in Linux kernel - CVE-2024-57849
Vulnerability identifier: #VU102912
Vulnerability risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-416
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cpumsf_pmu_stop() function in arch/s390/kernel/perf_cpum_sf.c. A local user can escalate privileges on the system.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel: 6.12, 6.12.1, 6.12.2, 6.12.3, 6.12.4
External links
https://git.kernel.org/stable/c/06a92f810df8037ca36157282ddcbefdcaf049b8
https://git.kernel.org/stable/c/238e3af849dfdcb1faed544349f7025e533f9aab
https://git.kernel.org/stable/c/99192c735ed4bfdff0d215ec85c8a87a677cb898
https://git.kernel.org/stable/c/a0bd7dacbd51c632b8e2c0500b479af564afadf3
https://git.kernel.org/stable/c/a69752f1e5de817941a2ea0609254f6f25acd274
https://git.kernel.org/stable/c/b5be6a0bb639d165c8418d8dddd8f322587be8be
https://git.kernel.org/stable/c/be54e6e0f93a39a9c00478d70d12956a5f3d5b9b
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12.5
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
