CVE-2024-27394

HIGH

Linux Kernel 6.7-6.8.9 - Use-After-Free in tcp_ao_connect_init

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix Use-After-Free in tcp_ao_connect_init Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of tcp_ao_connect_init, is not part of the RCU read critical section, it is possible that the RCU grace period will pass during the traversal and the key will be free. To prevent this, it should be changed to hlist_for_each_entry_safe.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/ca4fb6c6764b3f75b4f5aa81db1536291897ff7f

Patch

https://git.kernel.org/stable/c/80e679b352c3ce5158f3f778cfb77eb767e586fb

Scores

CVSS v3 7.4

EPSS 0.0026

EPSS Percentile 17.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-416

Status published

Products (9)

linux/Kernel 6.7.0 - 6.8.9linux

Linux/Linux < 6.7

Linux/Linux 6.7

Linux/Linux 6.8.9 - 6.8.*

Linux/Linux 6.9

Linux/Linux 7c2ffaf21bd67f73d21560995ce17eaf5fc1d37f - 80e679b352c3ce5158f3f778cfb77eb767e586fb

Linux/Linux 7c2ffaf21bd67f73d21560995ce17eaf5fc1d37f - ca4fb6c6764b3f75b4f5aa81db1536291897ff7f

linux/linux_kernel 6.9 rc1 (5 CPE variants)

linux/linux_kernel 6.7 - 6.8.9

Published May 14, 2024

Tracked Since Feb 18, 2026