Executive Summary

Informations
Name CVE-2024-44986 First vendor Publication 2024-09-04
Vendor Cve Last vendor Modification 2024-09-05

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Overall CVSS Score 7.8
Base Score 7.8 Environmental Score 7.8
impact SubScore 5.9 Temporal Score 7.8
Exploitabality Sub Score 1.8
 
Attack Vector Local Attack Complexity Low
Privileges Required Low User Interaction None
Scope Unchanged Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel, the following vulnerability has been resolved:

ipv6: fix possible UAF in ip6_finish_output2()

If skb_expand_head() returns NULL, skb has been freed and associated dst/idev could also have been freed.

We need to hold rcu_read_lock() to make sure the dst and associated idev are alive.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44986

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-416 Use After Free

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 8
Os 3603

Sources (Detail)

https://git.kernel.org/stable/c/3574d28caf9a09756ae87ad1ea096c6f47b6101e
https://git.kernel.org/stable/c/56efc253196751ece1fc535a5b582be127b0578a
https://git.kernel.org/stable/c/6ab6bf731354a6fdbaa617d1ec194960db61cf3b
https://git.kernel.org/stable/c/da273b377ae0d9bd255281ed3c2adb228321687b
https://git.kernel.org/stable/c/e891b36de161fcd96f12ff83667473e5067b9037
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
Date Informations
2024-10-03 02:53:32
  • Multiple Updates
2024-10-02 02:51:56
  • Multiple Updates
2024-09-15 02:49:31
  • Multiple Updates
2024-09-12 00:27:30
  • Multiple Updates
2024-09-06 21:27:40
  • Multiple Updates
2024-09-06 00:27:28
  • Multiple Updates
2024-09-05 21:27:28
  • Multiple Updates
2024-09-05 17:27:24
  • Multiple Updates
2024-09-05 00:27:26
  • First insertion