Lucene search
LinuxVULNRICHMENT:CVE-2024-40909HistoryJul 12, 2024 - 12:20 p.m.
CVE-2024-40909 bpf: Fix a potential use-after-free in bpf_link_free()
2024-07-1212:20:48
Linux
github.com
2
linux kernel
bpf
use-after-free
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix a potential use-after-free in bpf_link_free()
After commit 1a80dbcb2dba, bpf_link can be freed by
link->ops->dealloc_deferred, but the code still tests and uses
link->ops->dealloc afterward, which leads to a use-after-free as
reported by syzbot. Actually, one of them should be sufficient, so
just call one of them instead of both. Also add a WARN_ON() in case
of any problematic implementation.
Related
osv
osv
CVE-2024-40909
2024-07-12 13:15:14
klp-build-0~20240812.ad9f0e0-1.1 on GA media
2024-08-14 00:00:00
linux-nvidia-6.8 vulnerabilities
2024-09-13 11:22:12
ubuntucve
ubuntucve
CVE-2024-40909
2024-07-12 00:00:00
cvelist
cvelist
CVE-2024-40909 bpf: Fix a potential use-after-free in bpf_link_free()
2024-07-12 12:20:48
cve
cve
CVE-2024-40909
2024-07-12 13:15:14
debiancve
debiancve
CVE-2024-40909
2024-07-12 13:15:14
redhatcve
redhatcve
CVE-2024-40909
2024-07-16 14:37:55
nvd
nvd
CVE-2024-40909
2024-07-12 13:15:14
openvas
openvas
Ubuntu: Security Advisory (USN-7004-1)
2024-09-13 00:00:00
Ubuntu: Security Advisory (USN-6999-1)
2024-09-12 00:00:00
Ubuntu: Security Advisory (USN-7005-2)
2024-09-16 00:00:00
nessus
nessus
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6999-1)
2024-09-11 00:00:00
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7005-2)
2024-09-13 00:00:00
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-7004-1)
2024-09-12 00:00:00
AI Score
7
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-40909