PT-2024-36961 · Linux+7 · Linux Kernel+7
Dario Binacchi
·
Published
2024-11-26
·
Updated
2026-03-14
·
CVE-2024-56651
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.74
Description
A potential use-after-free issue has been identified in the Linux kernel, specifically in the
hi3110 can ist() function. This issue arises from the commit a22bd630cfff, which removed the reporting of txerr and rxerr even during correct operation. The error count information added to the CAN frame after netif rx() may be accessed after the skb has been freed or reused, leading to a potential use-after-free. The issue is resolved by postponing the netif rx() call in case of txerr and rxerr reporting.Recommendations
For Linux kernel versions prior to 6.6.74, update to version 6.6.74 or later to resolve the issue. As a temporary workaround, consider postponing the
netif rx() call in case of txerr and rxerr reporting to minimize the risk of exploitation.Exploit
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu