PT-2024-10132 · Linux+10 · Linux Kernel+10
Abagail Ren
·
Published
2024-12-10
·
Updated
2025-11-12
·
CVE-2024-56672
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.74
Description
The issue is related to a Use-After-Free (UAF) vulnerability in the
blkcg unpin online() function in the Linux kernel's block control group (blk-cgroup) subsystem. The vulnerability occurs when the blkcg unpin online() function walks up the blkcg hierarchy, putting the online pin, and uses blkcg parent(blkcg) after blkcg destroy blkgs(blkcg), which could free the blkcg, leading to a UAF. The UAF is not easy to trigger as the free path is indirected behind a couple RCU grace periods and a work item execution.Recommendations
To resolve the issue, update the Linux kernel to version 6.6.74 or later. As a temporary workaround, consider restricting access to the vulnerable
blkcg unpin online() function until a patch is available. Note that the UAF is not easy to trigger, but updating the kernel to a fixed version is still recommended to ensure the security of the system.Exploit
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu