CVE-2024-42075

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix remap of arena. The bpf arena logic didn't account for mremap operation. Add a refcnt for multiple mmap events to prevent use-after-free in arena_vm_close.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/87496a1b01e8e2e399428c0db25e106f7961d01e	Patch
https://git.kernel.org/stable/c/b90d77e5fd784ada62ddd714d15ee2400c28e1cf	Patch
https://git.kernel.org/stable/c/87496a1b01e8e2e399428c0db25e106f7961d01e	Patch
https://git.kernel.org/stable/c/b90d77e5fd784ada62ddd714d15ee2400c28e1cf	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

No history.

Information

Published : 2024-07-29 16:15

Updated : 2024-11-21 09:33

NVD link : CVE-2024-42075

Mitre link : CVE-2024-42075

CVE.ORG link : CVE-2024-42075

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-416

Use After Free

{"id": "CVE-2024-42075", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-07-29T16:15:06.900", "references": [{"url": "https://git.kernel.org/stable/c/87496a1b01e8e2e399428c0db25e106f7961d01e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b90d77e5fd784ada62ddd714d15ee2400c28e1cf", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/87496a1b01e8e2e399428c0db25e106f7961d01e", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/b90d77e5fd784ada62ddd714d15ee2400c28e1cf", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-416"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix remap of arena.\n\nThe bpf arena logic didn't account for mremap operation. Add a refcnt for\nmultiple mmap events to prevent use-after-free in arena_vm_close."}, {"lang": "es", "value": " En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: bpf: Se corrigi\u00f3 la reasignaci\u00f3n de arena. La l\u00f3gica de bpf arena no tuvo en cuenta la operaci\u00f3n de mremap. Agregue un refcnt para m\u00faltiples eventos mmap para evitar el uso despu\u00e9s de la liberaci\u00f3n en arena_vm_close."}], "lastModified": "2024-11-21T09:33:32.477", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18FE1EAE-C36C-49FC-A5E0-0A661CDC561E", "versionEndExcluding": "6.9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1557DCF8-46D3-4910-8B19-5C77412AB681", "versionEndExcluding": "6.9.8", "versionStartIncluding": "6.9.1"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}