8 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-27394
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tcp: Fix Use-After-Free in tcpaoconnectinit Since callrcu, which is called in the...
The vulnerability of the tcp_ao_connect_init() function in the Linux operating system’s IPv4 protocol implementation allows a hacker to cause a service failure.
The vulnerability of the tcpaoconnectinit function in the net/ipv4/tcpao.c module of the Linux kernel’s IPv4 protocol implementation is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
CVE-2024-27394
A use-after-free UAF vulnerability was found in the TCP implementation of the Linux kernel. This issue occurs when memory that has been deallocated is accessed or incorrectly, potentially leading to security risks, such as data corruption or arbitrary code execution. Mitigation Mitigation for thi...
CVE-2024-27394
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix Use-After-Free in tcpaoconnectinit Since callrcu, which is called in the hlistforeachentryrcu traversal of tcpaoconnectinit, is not part of the RCU read critical section, it is possible that the RCU grace period will pas...
UBUNTU-CVE-2024-27394
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix Use-After-Free in tcpaoconnectinit Since callrcu, which is called in the hlistforeachentryrcu traversal of tcpaoconnectinit, is not part of the RCU read critical section, it is possible that the RCU grace period will pas...
CVE-2024-27394 tcp: Fix Use-After-Free in tcp_ao_connect_init
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix Use-After-Free in tcpaoconnectinit Since callrcu, which is called in the hlistforeachentryrcu traversal of tcpaoconnectinit, is not part of the RCU read critical section, it is possible that the RCU grace period will pas...
CVE-2024-27394
CVE-2024-27394 affects the Linux kernel, in the tcp_ao_connect_init path. The vulnerability arises because call_rcu is used during hlist_for_each_entry_rcu traversal outside the RCU read critical section, allowing the RCU grace period to pass while the key may still be referenced, creating a Use-...
CVE-2024-27394 tcp: Fix Use-After-Free in tcp_ao_connect_init
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix Use-After-Free in tcpaoconnectinit Since callrcu, which is called in the hlistforeachentryrcu traversal of tcpaoconnectinit, is not part of the RCU read critical section, it is possible that the RCU grace period will pas...