Lucene search

K
ubuntucveUbuntu.comUB:CVE-2024-27394
HistoryMay 14, 2024 - 12:00 a.m.

CVE-2024-27394

2024-05-1400:00:00
ubuntu.com
ubuntu.com
8
cve-2024-27394
tcp
use-after-free
unix

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

In the Linux kernel, the following vulnerability has been resolved: tcp:
Fix Use-After-Free in tcp_ao_connect_init Since call_rcu, which is called
in the hlist_for_each_entry_rcu traversal of tcp_ao_connect_init, is not
part of the RCU read critical section, it is possible that the RCU grace
period will pass during the traversal and the key will be free. To prevent
this, it should be changed to hlist_for_each_entry_safe.

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%