CVE-2024-53103
Published: December 3, 2024Last modified: December 3, 2024
Description
In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.8 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity impact | HIGH |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.119-r0) |
| 25 LTS | linux-lts | Fixed (6.12.41-r0) | |
| Stream | linux-lts | Fixed (6.12.41-r0) |
References
- https://git.kernel.org/stable/c/285266ef92f7b4bf7d26e1e95e215ce6a6badb4a
- https://git.kernel.org/stable/c/414476c4fb11be070c09ab8f3e75c9ee324a108a
- https://git.kernel.org/stable/c/4bdc5a62c6e50600d8a1c3e18fd6dce0c27c9497
- https://git.kernel.org/stable/c/4fe1d42f2acc463b733bb42e3f8e67dbc2a0eb2d
- https://git.kernel.org/stable/c/7cf25987820350cb950856c71b409e5b6eed52bd
- https://git.kernel.org/stable/c/8621725afb38e111969c64280b71480afde2aace
- https://git.kernel.org/stable/c/98d8dde9232250a57ad5ef16479bf6a349e09b80
- https://git.kernel.org/stable/c/e0fe3392371293175f25028020ded5267f4cd8e3
- https://git.kernel.org/stable/c/e629295bd60abf4da1db85b82819ca6a4f6c1e79