PT-2024-4106 · Linux+10 · Linux Kernel+10

Anderson Nascimento

Published

2024-05-02

Updated

2025-09-29

CVE-2024-36904

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.37

Description The vulnerability is related to the tcp twsk unique() function in the Linux kernel's IPv4 implementation. It is caused by a use-after-free issue due to a race condition between threads trying to reuse a port during the connect() call. This can lead to a real use-after-free somewhere else, potentially allowing an attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations To resolve the issue, update the Linux kernel to version 6.6.37 or later. If updating is not possible, consider temporarily disabling the tcp twsk unique() function or restricting access to the vulnerable module to minimize the risk of exploitation.

Exploit

Fix

RCE

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-703

Related Identifiers

ALSA-2024:4583

ALSA-2024:5101

ALSA-2024:5102

ALSA-2025_16880

ALT-PU-2024-17595

ALT-PU-2024-17905

ALT-PU-2024-9131

BDU:2024-04557

CESA-2024_5101

CESA-2024_5102

CVE-2024-36904

DLA-3840-1

DLA-3843-1

DSA-5703-1

INFSA-2024_4583

INFSA-2024_5101

INFSA-2024_5102

MGASA-2024-0263

MGASA-2024-0266

OESA-2024-2029

OESA-2024-2030

OESA-2024-2031

OESA-2024-2181

OPENSUSE-SU-2024_2362-1

OPENSUSE-SU-2024_2372-1

OPENSUSE-SU-2024_2394-1

OPENSUSE-SU-2024_4120-1

OPENSUSE-SU-2024_4122-1

OPENSUSE-SU-2024_4123-1

OPENSUSE-SU-2024_4124-1

OPENSUSE-SU-2024_4125-1

OPENSUSE-SU-2024_4127-1

OPENSUSE-SU-2024_4141-1

OPENSUSE-SU-2024_4177-1

OPENSUSE-SU-2024_4179-1

OPENSUSE-SU-2024_4180-1

OPENSUSE-SU-2024_4206-1

OPENSUSE-SU-2024_4207-1

OPENSUSE-SU-2024_4208-1

OPENSUSE-SU-2024_4214-1

OPENSUSE-SU-2024_4216-1

OPENSUSE-SU-2024_4217-1

OPENSUSE-SU-2024_4218-1

OPENSUSE-SU-2024_4220-1

OPENSUSE-SU-2024_4227-1

OPENSUSE-SU-2024_4228-1

OPENSUSE-SU-2024_4230-1

OPENSUSE-SU-2024_4234-1

OPENSUSE-SU-2024_4235-1

OPENSUSE-SU-2024_4236-1

OPENSUSE-SU-2024_4243-1

OPENSUSE-SU-2024_4246-1

OPENSUSE-SU-2024_4256-1

OPENSUSE-SU-2024_4264-1

OPENSUSE-SU-2024_4265-1

OPENSUSE-SU-2024_4266-1

OPENSUSE-SU-2024_4275-1

OPENSUSE-SU-2024_4276-1

OPENSUSE-SU-2025_0101-1

OPENSUSE-SU-2025_0106-1

OPENSUSE-SU-2025_0107-1

OPENSUSE-SU-2025_0109-1

OPENSUSE-SU-2025_0110-1

OPENSUSE-SU-2025_0114-1

OPENSUSE-SU-2025_0115-1

OPENSUSE-SU-2025_0124-1

OPENSUSE-SU-2025_0131-1

OPENSUSE-SU-2025_0137-1

OPENSUSE-SU-2025_0138-1

OPENSUSE-SU-2025_0146-1

OPENSUSE-SU-2025_0150-1

OPENSUSE-SU-2025_0158-1

OPENSUSE-SU-2025_0164-1

OPENSUSE-SU-2025_0187-1

OPENSUSE-SU-2025_0238-1

OPENSUSE-SU-2025_0239-1

OPENSUSE-SU-2025_0240-1

OPENSUSE-SU-2025_0244-1

OPENSUSE-SU-2025_0248-1

OPENSUSE-SU-2025_0249-1

OPENSUSE-SU-2025_0251-1

OPENSUSE-SU-2025_0252-1

OPENSUSE-SU-2025_0253-1

OPENSUSE-SU-2025_0254-1

OPENSUSE-SU-2025_0255-1

OPENSUSE-SU-2025_0260-1

OPENSUSE-SU-2025_0261-1

OPENSUSE-SU-2025_0264-1

OPENSUSE-SU-2025_0266-1

RHSA-2024:4583

RHSA-2024:4823

RHSA-2024:4831

RHSA-2024:5101

RHSA-2024:5102

RHSA-2024:5692

RHSA-2024:6206

RHSA-2024_4583

RHSA-2024_5101

RHSA-2024_5102

RLSA-2024:4583

RLSA-2024:5101

RLSA-2024:5102

RXSA-2024:5101

SUSE-SU-2024:2362-1

SUSE-SU-2024:2365-1

SUSE-SU-2024:2372-1

SUSE-SU-2024:2384-1

SUSE-SU-2024:2385-1

SUSE-SU-2024:2394-1

SUSE-SU-2024:2495-1

SUSE-SU-2024:2571-1

SUSE-SU-2024:2896-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2973-1

SUSE-SU-2024:4120-1

SUSE-SU-2024:4122-1

SUSE-SU-2024:4123-1

SUSE-SU-2024:4124-1

SUSE-SU-2024:4125-1

SUSE-SU-2024:4127-1

SUSE-SU-2024:4129-1

SUSE-SU-2024:4141-1

SUSE-SU-2024:4177-1

SUSE-SU-2024:4179-1

SUSE-SU-2024:4180-1

SUSE-SU-2024:4206-1

SUSE-SU-2024:4207-1

SUSE-SU-2024:4208-1

SUSE-SU-2024:4214-1

SUSE-SU-2024:4216-1

SUSE-SU-2024:4217-1

SUSE-SU-2024:4218-1

SUSE-SU-2024:4220-1

SUSE-SU-2024:4227-1

SUSE-SU-2024:4228-1

SUSE-SU-2024:4230-1

SUSE-SU-2024:4231-1

SUSE-SU-2024:4234-1

SUSE-SU-2024:4235-1

SUSE-SU-2024:4236-1

SUSE-SU-2024:4241-1

SUSE-SU-2024:4242-1

SUSE-SU-2024:4243-1

SUSE-SU-2024:4246-1

SUSE-SU-2024:4250-1

SUSE-SU-2024:4256-1

SUSE-SU-2024:4263-1

SUSE-SU-2024:4264-1

SUSE-SU-2024:4265-1

SUSE-SU-2024:4266-1

SUSE-SU-2024:4275-1

SUSE-SU-2024:4276-1

SUSE-SU-2025:0101-1

SUSE-SU-2025:0106-1

SUSE-SU-2025:0107-1

SUSE-SU-2025:0109-1

SUSE-SU-2025:0110-1

SUSE-SU-2025:0114-1

SUSE-SU-2025:0115-1

SUSE-SU-2025:0124-1

SUSE-SU-2025:0131-1

SUSE-SU-2025:0137-1

SUSE-SU-2025:0138-1

SUSE-SU-2025:0146-1

SUSE-SU-2025:0150-1

SUSE-SU-2025:0158-1

SUSE-SU-2025:0164-1

SUSE-SU-2025:0187-1

SUSE-SU-2025:0238-1

SUSE-SU-2025:0239-1

SUSE-SU-2025:0240-1

SUSE-SU-2025:0244-1

SUSE-SU-2025:0248-1

SUSE-SU-2025:0249-1

SUSE-SU-2025:0251-1

SUSE-SU-2025:0252-1

SUSE-SU-2025:0253-1

SUSE-SU-2025:0254-1

SUSE-SU-2025:0255-1

SUSE-SU-2025:0260-1

SUSE-SU-2025:0261-1

SUSE-SU-2025:0264-1

SUSE-SU-2025:0266-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

USN-6949-1

USN-6949-2

USN-6950-1

USN-6950-2

USN-6950-3

USN-6950-4

USN-6951-1

USN-6951-2

USN-6951-3

USN-6951-4

USN-6952-1

USN-6952-2

USN-6953-1

USN-6955-1

USN-6956-1

USN-6957-1

USN-6979-1

USN-7019-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Linux Kernel

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2024-4106 · Linux+10 · Linux Kernel+10

CVE-2024-36904

Weakness Enumeration

Related Identifiers

Affected Products

References · 4094