4 matches found
CVE-2024-40954
The CVE-2024-40954 entry concerns a Linux kernel UAF: a dangling sk pointer may be created on socket creation failure when an fentry probe hits __sock_release() and bpf_get_socket_cookie() is invoked, enabling a use-after-free in __sock_gen_cookie. Reproducing scenario described via traceroute -I...
CVE-2024-40954 net: do not leave a dangling sk pointer, when socket creation fails
In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...
CVE-2024-40954
In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...
CVE-2024-40954 net: do not leave a dangling sk pointer, when socket creation fails
In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...