CVE-2024-26619

HIGH

Linux Kernel 6.7-6.7.2 - Use-After-Free in Module Loading

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix module loading free order Reverse order of kfree calls to resolve use-after-free error.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/2fa79badf4bfeffda6b5032cf62b828486ec9a99

Patch

https://git.kernel.org/stable/c/78996eee79ebdfe8b6f0e54cb6dcc792d5129291

Scores

CVSS v3 7.8

EPSS 0.0027

EPSS Percentile 19.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-416

Status published

Products (8)

linux/Kernel 6.7.0 - 6.7.3linux

Linux/Linux < 6.7

Linux/Linux 6.7

Linux/Linux 6.7.3 - 6.7.*

Linux/Linux 6.8

Linux/Linux d8792a5734b0f3e58b898c2e2f910bfac48e9ee3 - 2fa79badf4bfeffda6b5032cf62b828486ec9a99

Linux/Linux d8792a5734b0f3e58b898c2e2f910bfac48e9ee3 - 78996eee79ebdfe8b6f0e54cb6dcc792d5129291

linux/linux_kernel 6.7 - 6.7.3

Published Mar 11, 2024

Tracked Since Feb 18, 2026