PT-2024-35620 · Linux+8 · Linux Kernel+8
Yang Erkun
·
Published
2024-11-18
·
Updated
2025-11-07
·
CVE-2024-53174
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.12.0-rc3+
Description
A vulnerability in the Linux kernel has been resolved, related to the SUNRPC module. The function
c show was called with protection from RCU, which only ensures that cp will not be freed. However, the reference count for cp can drop to zero, triggering a refcount use-after-free warning when cache get is called. To resolve this issue, cache get rcu is used to ensure that cp remains active. This vulnerability can cause a use-after-free warning, as seen in the call trace.Recommendations
To resolve this issue, update to a version of the Linux kernel that includes the fix, which ensures that
cp remains active by using cache get rcu.
As a temporary workaround, consider disabling the c show function until a patch is available.
Restrict access to the SUNRPC module to minimize the risk of exploitation.
Avoid using the cache get function in the affected API endpoint until the issue is resolved.Exploit
Fix
Use After Free
Double Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu