PT-2024-2015 · Linux+5 · Linux Kernel+5

Syzbot · Published 2024-01-30 · Updated 2025-02-03 · CVE-2024-26625

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.8.0

Description

The vulnerability exists due to insufficient input validation in the sock_orphan() function of the Linux kernel. Exploitation of the vulnerability may allow an attacker to impact the confidentiality, integrity, and availability of protected information. The issue is caused by a stale sk->sk_wq pointer in a closed llc socket.

Recommendations

To resolve the issue, update the Linux kernel to version 6.8.0 or later. If updating is not possible, consider temporarily disabling the sock_orphan() function until a patch is available. However, this is not recommended as it may cause other issues.

Note: The provided information does not specify the exact versions affected, but it mentions that the issue is resolved in version 6.8.0. Therefore, it is assumed that all versions prior to 6.8.0 are affected.

Exploit

Fix

Use After Free

RCE

Weakness Enumeration

Related Identifiers

BDU:2024-01878
CVE-2024-26625
DLA-3840-1
DLA-3842-1
DSA-5658-1
DSA-5681-1
OESA-2024-1353
OESA-2024-1355
OESA-2024-1356
OESA-2024-1357
OESA-2024-1392
OESA-2024-1393
OPENSUSE-SU-2024_2372-1
OPENSUSE-SU-2024_2394-1
SUSE-SU-2024:1979-1
SUSE-SU-2024:1983-1
SUSE-SU-2024:2184-1
SUSE-SU-2024:2372-1
SUSE-SU-2024:2394-1
SUSE-SU-2024:2571-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6688-1
USN-6765-1
USN-6766-1
USN-6766-2
USN-6766-3
USN-6767-1
USN-6767-2
USN-6795-1
USN-6818-1
USN-6818-2
USN-6818-3
USN-6818-4
USN-6819-1
USN-6819-2
USN-6819-3
USN-6819-4
USN-6828-1
USN-7183-1
USN-7184-1
USN-7185-1
USN-7185-2

Affected Products

Astra Linux
Linux Mint
Linux Kernel
RED OS
SUSE
Ubuntu