Description
A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- Linux / Kernel2.6.12 – 6.7
References
- MISChttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=e2b706c691905fe78468c361aaabc719d0a496f1
- MISChttps://kernel.dance/e2b706c691905fe78468c361aaabc719d0a496f1
- MAILING_LISThttps://lists.debian.org/debian-lts-announce/2024/01/msg00004.html
- MAILING_LISThttps://lists.debian.org/debian-lts-announce/2024/01/msg00005.html
- EXPLOIThttp://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html