PT-2024-1004 · Linux+10 · Linux Kernel+10

Clement Lecigne

Published

2024-05-29

Updated

2025-12-25

CVE-2024-36971

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a weakness in the Linux kernel's network, specifically in the dst negative advice() function, which does not enforce proper RCU rules when sk->dst cache must be cleared, leading to possible use-after-free (UAF). This could allow remote code execution with system execution privileges needed, and user interaction is not required for exploitation. The vulnerability has been actively exploited in real-world scenarios, posing a severe risk to Android users.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2024:5101

ALSA-2024:5102

ALSA-2024:5363

ALSA-2025_16880

ALT-PU-2024-10855

ALT-PU-2024-11524

ALT-PU-2024-13979

ALT-PU-2024-14046

ALT-PU-2024-17597

ASB-A-343727534

AZL-42615

AZL-42622

BDU:2024-04585

CESA-2024_5101

CESA-2024_5102

CESA-2024_5522

CVE-2024-36971

DLA-3840-1

DSA-5730-1

INFSA-2024_5101

INFSA-2024_5102

INFSA-2024_5363

OESA-2024-1737

OESA-2024-1738

OESA-2024-1767

OESA-2024-2296

OPENSUSE-SU-2024_2372-1

OPENSUSE-SU-2024_2394-1

OPENSUSE-SU-2024_3585-1

OPENSUSE-SU-2025_0238-1

OPENSUSE-SU-2025_0239-1

OPENSUSE-SU-2025_0240-1

OPENSUSE-SU-2025_0241-1

OPENSUSE-SU-2025_0242-1

OPENSUSE-SU-2025_0243-1

OPENSUSE-SU-2025_0244-1

OPENSUSE-SU-2025_0245-1

OPENSUSE-SU-2025_0246-1

OPENSUSE-SU-2025_0248-1

OPENSUSE-SU-2025_0249-1

OPENSUSE-SU-2025_0250-1

OPENSUSE-SU-2025_0251-1

OPENSUSE-SU-2025_0252-1

OPENSUSE-SU-2025_0253-1

OPENSUSE-SU-2025_0254-1

OPENSUSE-SU-2025_0255-1

OPENSUSE-SU-2025_0260-1

OPENSUSE-SU-2025_0261-1

OPENSUSE-SU-2025_0263-1

OPENSUSE-SU-2025_0264-1

OPENSUSE-SU-2025_0266-1

RHSA-2024:5101

RHSA-2024:5102

RHSA-2024:5255

RHSA-2024:5256

RHSA-2024:5257

RHSA-2024:5259

RHSA-2024:5261

RHSA-2024:5266

RHSA-2024:5281

RHSA-2024:5282

RHSA-2024:5363

RHSA-2024:5364

RHSA-2024:5365

RHSA-2024:5388

RHSA-2024:5519

RHSA-2024:5520

RHSA-2024:5521

RHSA-2024:5522

RHSA-2024:5523

RHSA-2024:5582

RHSA-2024:5858

RHSA-2024_5101

RHSA-2024_5102

RHSA-2024_5363

RLSA-2024:5101

RLSA-2024:5102

RLSA-2024:5363

RXSA-2024:5101

SUSE-SU-2024:2372-1

SUSE-SU-2024:2385-1

SUSE-SU-2024:2394-1

SUSE-SU-2024:2495-1

SUSE-SU-2024:2571-1

SUSE-SU-2024:2896-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2973-1

SUSE-SU-2024:3565-1

SUSE-SU-2024:3585-1

SUSE-SU-2024:4081-1

SUSE-SU-2025:0238-1

SUSE-SU-2025:0239-1

SUSE-SU-2025:0240-1

SUSE-SU-2025:0241-1

SUSE-SU-2025:0242-1

SUSE-SU-2025:0243-1

SUSE-SU-2025:0244-1

SUSE-SU-2025:0245-1

SUSE-SU-2025:0246-1

SUSE-SU-2025:0248-1

SUSE-SU-2025:0249-1

SUSE-SU-2025:0250-1

SUSE-SU-2025:0251-1

SUSE-SU-2025:0252-1

SUSE-SU-2025:0253-1

SUSE-SU-2025:0254-1

SUSE-SU-2025:0255-1

SUSE-SU-2025:0260-1

SUSE-SU-2025:0261-1

SUSE-SU-2025:0263-1

SUSE-SU-2025:0264-1

SUSE-SU-2025:0266-1

SUSE-SU-2025:0268-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

USN-6951-1

USN-6951-2

USN-6951-3

USN-6951-4

USN-6953-1

USN-6979-1

USN-6999-1

USN-6999-2

USN-7004-1

USN-7005-1

USN-7005-2

USN-7007-1

USN-7007-2

USN-7007-3

USN-7008-1

USN-7009-1

USN-7009-2

USN-7019-1

USN-7029-1

USN-7069-1

USN-7069-2

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Linux Kernel

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2024-1004 · Linux+10 · Linux Kernel+10

CVE-2024-36971

Weakness Enumeration

Related Identifiers

Affected Products

References · 4284