CVE-2024-26856

HIGH

Linux Kernel < 5.15.152 - Use After Free

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: net: sparx5: Fix use after free inside sparx5_del_mact_entry Based on the static analyzis of the code it looks like when an entry from the MAC table was removed, the entry was still used after being freed. More precise the vid of the mac_entry was used after calling devm_kfree on the mac_entry. The fix consists in first using the vid of the mac_entry to delete the entry from the HW and after that to free it.

References (5)

[Mailing List, Patch] https://git.kernel.org/stable/c/0de693d68b0a18d5e256556c7c62d92cca35ad52

[Mailing List, Patch] https://git.kernel.org/stable/c/71809805b95052ff551922f11660008fb3666025

[Mailing List, Patch] https://git.kernel.org/stable/c/89d72d4125e94aa3c2140fedd97ce07ba9e37674

[Mailing List, Patch] https://git.kernel.org/stable/c/e46274df1100fb0c06704195bfff5bfbd418bf64

[Mailing List, Patch] https://git.kernel.org/stable/c/e83bebb718fd1f42549358730e1206164e0861d6

Scores

CVSS v3 7.8

EPSS 0.0002

EPSS Percentile 5.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-416

Status published

Affected Products (11)

linux/linux_kernel < 5.15.152

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/Kernel < 5.15.152linux

linux/Kernel < 6.1.82linux

linux/Kernel < 6.6.22linux

linux/Kernel < 6.7.10linux

Timeline

Published Apr 17, 2024

Tracked Since Feb 18, 2026