CVE-2024-57857

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue concerns the RDMA/siw component in the Linux kernel. It was resolved by removing the direct link to net device and instead relying on the management of net device by associated ib devices. A local link to net device was not properly managed, leading to a 'KASAN: slab-use-after-free' exception during the siw query port() call.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

ALT-PU-2025-12647

AZL-58974

AZL-59028

BDU:2025-02804

CVE-2024-57857

ECHO-58D6-0BF5-AF10

OESA-2025-1202

OESA-2025-1203

OESA-2025-1446

OESA-2025-1450

OPENSUSE-SU-2025_0428-1

OPENSUSE-SU-2025_0499-1

OPENSUSE-SU-2025_0557-1

SUSE-SU-2025:0289-1

SUSE-SU-2025:0428-1

SUSE-SU-2025:0499-1

SUSE-SU-2025:0557-1

SUSE-SU-2025:20165-1

SUSE-SU-2025:20166-1

SUSE-SU-2025:20248-1

SUSE-SU-2025:20249-1

SUSE-SU-2025_0428-1

SUSE-SU-2025_0499-1

SUSE-SU-2025_0557-1

USN-7379-1

USN-7379-2

USN-7380-1

USN-7381-1

USN-7382-1

Affected Products

Alt Linux

Debian

Linuxmint

Linux Kernel

Suse

Ubuntu

CVE-2024-57857

Weakness Enumeration

Related Identifiers

Affected Products

References · 1966