CVE-2024-27398

CVSS v3.1

7.8

High

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The vulnerability is related to a use-after-free bug in the sco sock timeout function. When a sco connection is established and the sco socket is released, a timeout work is scheduled to check if the sco disconnection has timed out. However, the sock is deallocated later but is still dereferenced in sco sock timeout, resulting in a use-after-free bug. The root cause of the issue is due to a race condition between the cleanup thread and the worker thread. The KASAN report triggered by the proof-of-concept (POC) shows a slab-use-after-free bug in sco sock timeout.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

LPE

Use After Free

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-362

Related Identifiers

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

BDU:2024-03937

CVE-2024-27398

DLA-3840-1

DLA-3843-1

DSA-5703-1

INFSA-2025_6966

LSN-0107-1

LSN-0108-1

OESA-2024-1648

OESA-2024-1650

OESA-2024-1651

OESA-2024-1652

OPENSUSE-SU-2024_2185-1

OPENSUSE-SU-2024_2189-1

OPENSUSE-SU-2024_3623-1

OPENSUSE-SU-2024_3625-1

OPENSUSE-SU-2024_3631-1

OPENSUSE-SU-2024_3632-1

OPENSUSE-SU-2024_3639-1

OPENSUSE-SU-2024_3651-1

OPENSUSE-SU-2024_3652-1

OPENSUSE-SU-2024_3679-1

OPENSUSE-SU-2024_3685-1

OPENSUSE-SU-2024_3694-1

OPENSUSE-SU-2024_3695-1

OPENSUSE-SU-2024_3696-1

OPENSUSE-SU-2024_3697-1

OPENSUSE-SU-2024_3700-1

OPENSUSE-SU-2024_3701-1

OPENSUSE-SU-2024_3710-1

OPENSUSE-SU-2024_3793-1

OPENSUSE-SU-2024_3798-1

OPENSUSE-SU-2024_3806-1

OPENSUSE-SU-2024_3814-1

OPENSUSE-SU-2024_3815-1

OPENSUSE-SU-2024_3829-1

OPENSUSE-SU-2024_3830-1

OPENSUSE-SU-2024_3831-1

OPENSUSE-SU-2024_3837-1

OPENSUSE-SU-2024_3842-1

OPENSUSE-SU-2024_3851-1

OPENSUSE-SU-2024_3852-1

OPENSUSE-SU-2024_3854-1

OPENSUSE-SU-2024_3855-1

OPENSUSE-SU-2024_3857-1

OPENSUSE-SU-2024_3860-1

OPENSUSE-SU-2024_4122-1

OPENSUSE-SU-2024_4123-1

OPENSUSE-SU-2024_4124-1

OPENSUSE-SU-2024_4125-1

OPENSUSE-SU-2024_4180-1

OPENSUSE-SU-2024_4207-1

OPENSUSE-SU-2024_4214-1

OPENSUSE-SU-2024_4216-1

OPENSUSE-SU-2024_4218-1

OPENSUSE-SU-2024_4234-1

OPENSUSE-SU-2024_4235-1

OPENSUSE-SU-2024_4236-1

OPENSUSE-SU-2024_4243-1

OPENSUSE-SU-2024_4256-1

OPENSUSE-SU-2024_4264-1

OPENSUSE-SU-2024_4266-1

OPENSUSE-SU-2025_0101-1

OPENSUSE-SU-2025_0106-1

OPENSUSE-SU-2025_0107-1

OPENSUSE-SU-2025_0109-1

OPENSUSE-SU-2025_0114-1

OPENSUSE-SU-2025_0115-1

OPENSUSE-SU-2025_0124-1

OPENSUSE-SU-2025_0137-1

OPENSUSE-SU-2025_0146-1

OPENSUSE-SU-2025_0150-1

OPENSUSE-SU-2025_0158-1

OPENSUSE-SU-2025_0164-1

OPENSUSE-SU-2025_0238-1

OPENSUSE-SU-2025_0240-1

OPENSUSE-SU-2025_0244-1

OPENSUSE-SU-2025_0248-1

OPENSUSE-SU-2025_0251-1

OPENSUSE-SU-2025_0252-1

OPENSUSE-SU-2025_0253-1

OPENSUSE-SU-2025_0254-1

OPENSUSE-SU-2025_0261-1

OPENSUSE-SU-2025_0264-1

OPENSUSE-SU-2025_0266-1

RHSA-2025:6966

RHSA-2025_6966

SUSE-SU-2024:1979-1

SUSE-SU-2024:1983-1

SUSE-SU-2024:2008-1

SUSE-SU-2024:2010-1

SUSE-SU-2024:2011-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2135-1

SUSE-SU-2024:2183-1

SUSE-SU-2024:2184-1

SUSE-SU-2024:2185-1

SUSE-SU-2024:2189-1

SUSE-SU-2024:2190-1

SUSE-SU-2024:2203-1

SUSE-SU-2024:2719-1

SUSE-SU-2024:2722-1

SUSE-SU-2024:2723-1

SUSE-SU-2024:2724-1

SUSE-SU-2024:2725-1

SUSE-SU-2024:2726-1

SUSE-SU-2024:2734-1

SUSE-SU-2024:2740-1

SUSE-SU-2024:2750-1

SUSE-SU-2024:2751-1

SUSE-SU-2024:2755-1

SUSE-SU-2024:2758-1

SUSE-SU-2024:2759-1

SUSE-SU-2024:2760-1

SUSE-SU-2024:2771-1

SUSE-SU-2024:2773-1

SUSE-SU-2024:2792-1

SUSE-SU-2024:2793-1

SUSE-SU-2024:2815-1

SUSE-SU-2024:2818-1

SUSE-SU-2024:2821-1

SUSE-SU-2024:2822-1

SUSE-SU-2024:2824-1

SUSE-SU-2024:2825-1

SUSE-SU-2024:2827-1

SUSE-SU-2024:2840-1

SUSE-SU-2024:2841-1

SUSE-SU-2024:2843-1

SUSE-SU-2024:2850-1

SUSE-SU-2024:2851-1

SUSE-SU-2024:2852-1

SUSE-SU-2024:2874-1

SUSE-SU-2024:3015-1

SUSE-SU-2024:3034-1

SUSE-SU-2024:3037-1

SUSE-SU-2024:3039-1

SUSE-SU-2024:3043-1

SUSE-SU-2024:3044-1

SUSE-SU-2024:3048-1

SUSE-SU-2024:3318-1

SUSE-SU-2024:3320-1

SUSE-SU-2024:3334-1

SUSE-SU-2024:3336-1

SUSE-SU-2024:3347-1

SUSE-SU-2024:3348-1

SUSE-SU-2024:3349-1

SUSE-SU-2024:3363-1

SUSE-SU-2024:3368-1

SUSE-SU-2024:3370-1

SUSE-SU-2024:3375-1

SUSE-SU-2024:3379-1

SUSE-SU-2024:3399-1

SUSE-SU-2024:3623-1

SUSE-SU-2024:3625-1

SUSE-SU-2024:3631-1

SUSE-SU-2024:3632-1

SUSE-SU-2024:3639-1

SUSE-SU-2024:3642-1

SUSE-SU-2024:3649-1

SUSE-SU-2024:3651-1

SUSE-SU-2024:3652-1

SUSE-SU-2024:3662-1

SUSE-SU-2024:3663-1

SUSE-SU-2024:3679-1

SUSE-SU-2024:3685-1

SUSE-SU-2024:3694-1

SUSE-SU-2024:3695-1

SUSE-SU-2024:3696-1

SUSE-SU-2024:3697-1

SUSE-SU-2024:3700-1

SUSE-SU-2024:3701-1

SUSE-SU-2024:3710-1

SUSE-SU-2024:3793-1

SUSE-SU-2024:3796-1

SUSE-SU-2024:3798-1

SUSE-SU-2024:3803-1

SUSE-SU-2024:3806-1

SUSE-SU-2024:3814-1

SUSE-SU-2024:3815-1

SUSE-SU-2024:3820-1

SUSE-SU-2024:3821-1

SUSE-SU-2024:3829-1

SUSE-SU-2024:3830-1

SUSE-SU-2024:3831-1

SUSE-SU-2024:3837-1

SUSE-SU-2024:3842-1

SUSE-SU-2024:3849-1

SUSE-SU-2024:3851-1

SUSE-SU-2024:3852-1

SUSE-SU-2024:3854-1

SUSE-SU-2024:3855-1

SUSE-SU-2024:3857-1

SUSE-SU-2024:3860-1

SUSE-SU-2024:4122-1

SUSE-SU-2024:4123-1

SUSE-SU-2024:4124-1

SUSE-SU-2024:4125-1

SUSE-SU-2024:4180-1

SUSE-SU-2024:4207-1

SUSE-SU-2024:4214-1

SUSE-SU-2024:4216-1

SUSE-SU-2024:4218-1

SUSE-SU-2024:4226-1

SUSE-SU-2024:4234-1

SUSE-SU-2024:4235-1

SUSE-SU-2024:4236-1

SUSE-SU-2024:4242-1

SUSE-SU-2024:4243-1

SUSE-SU-2024:4249-1

SUSE-SU-2024:4250-1

SUSE-SU-2024:4256-1

SUSE-SU-2024:4263-1

SUSE-SU-2024:4264-1

SUSE-SU-2024:4266-1

SUSE-SU-2025:0091-1

SUSE-SU-2025:0101-1

SUSE-SU-2025:0103-1

SUSE-SU-2025:0106-1

SUSE-SU-2025:0107-1

SUSE-SU-2025:0109-1

SUSE-SU-2025:0114-1

SUSE-SU-2025:0115-1

SUSE-SU-2025:0124-1

SUSE-SU-2025:0137-1

SUSE-SU-2025:0146-1

SUSE-SU-2025:0150-1

SUSE-SU-2025:0158-1

SUSE-SU-2025:0164-1

SUSE-SU-2025:0238-1

SUSE-SU-2025:0240-1

SUSE-SU-2025:0244-1

SUSE-SU-2025:0248-1

SUSE-SU-2025:0251-1

SUSE-SU-2025:0252-1

SUSE-SU-2025:0253-1

SUSE-SU-2025:0254-1

SUSE-SU-2025:0261-1

SUSE-SU-2025:0264-1

SUSE-SU-2025:0266-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

SUSE-SU-2025:20166-1

SUSE-SU-2025:20249-1

USN-6949-1

USN-6949-2

USN-6950-1

USN-6950-2

USN-6950-3

USN-6950-4

USN-6951-1

USN-6951-2

USN-6951-3

USN-6951-4

USN-6952-1

USN-6952-2

USN-6953-1

USN-6955-1

USN-6956-1

USN-6957-1

USN-6979-1

USN-7019-1

USN-7028-1

USN-7028-2

Affected Products

Astra Linux

Linuxmint

Linux Kernel

Red Hat

Red Os

Suse

Ubuntu

CVE-2024-27398

Weakness Enumeration

Related Identifiers

Affected Products

References · 4741