CVE-2024-40900

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The issue is related to a use-after-free vulnerability in the cachefiles component of the Linux kernel. This vulnerability can be exploited to potentially elevate privileges. The vulnerability occurs when requests are not properly removed from the cache during flushing, allowing for the possibility of accessing freed requests. The cachefiles flush reqs function is involved in this issue, and the req->msg.opcode is checked against CACHEFILES OP READ. The vulnerability can be exploited due to a concurrency issue between daemon thread1 and daemon thread2, where a request may be used after it has been freed.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2024-11002

CVE-2024-40900

DLA-4008-1

DSA-5731-1

OESA-2024-1960

OPENSUSE-SU-2024_2947-1

SUSE-SU-2024:2894-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2947-1

SUSE-SU-2024:3194-1

SUSE-SU-2024:3195-1

SUSE-SU-2024:3383-1

SUSE-SU-2025:20044-1

SUSE-SU-2025:20047-1

USN-6999-1

USN-6999-2

USN-7004-1

USN-7005-1

USN-7005-2

USN-7008-1

USN-7029-1

Affected Products

Astra Linux

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

CVE-2024-40900

Weakness Enumeration

Related Identifiers

Affected Products

References · 2248