Linux · Linux Kernel · CVE-2024-26689
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The issue is related to a "use after free" error in the `encode cap msg()` function, which is called by ` send cap()` and `ceph check caps()` after calling ` prep cap()`. This error occurs due to a race condition where the resource is freed by the `handle cap grant()` function before the refcount can be incremented. The error was caught by KASAN at the line `ceph buffer get(arg->xattr buf)`. The vulnerability may allow an attacker to impact the confidentiality and availability of protected information.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.