2024-12-27 15:03:44 +00:00
{
"id" : "CVE-2024-53206" ,
"sourceIdentifier" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"published" : "2024-12-27T14:15:28.453" ,
2025-02-11 17:04:06 +00:00
"lastModified" : "2025-02-11T16:15:41.840" ,
"vulnStatus" : "Modified" ,
2024-12-27 15:03:44 +00:00
"cveTags" : [ ] ,
"descriptions" : [
{
"lang" : "en" ,
"value" : "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Fix use-after-free of nreq in reqsk_timer_handler().\n\nThe cited commit replaced inet_csk_reqsk_queue_drop_and_put() with\n__inet_csk_reqsk_queue_drop() and reqsk_put() in reqsk_timer_handler().\n\nThen, oreq should be passed to reqsk_put() instead of req; otherwise\nuse-after-free of nreq could happen when reqsk is migrated but the\nretry attempt failed (e.g. due to timeout).\n\nLet's pass oreq to reqsk_put()."
2025-01-05 03:03:46 +00:00
} ,
{
"lang" : "es" ,
"value" : "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tcp: Se corrige el use-after-free de nreq en reqsk_timer_handler(). el commit citada reemplaz\u00f3 inet_csk_reqsk_queue_drop_and_put() con __inet_csk_reqsk_queue_drop() y reqsk_put() en reqsk_timer_handler(). Luego, oreq se debe pasar a reqsk_put() en lugar de req; de lo contrario, el use-after-free de nreq podr\u00eda ocurrir cuando se migra reqsk pero el intento de reintento falla (por ejemplo, debido al tiempo de espera). Pasemos oreq a reqsk_put()."
2024-12-27 15:03:44 +00:00
}
] ,
2025-01-14 19:03:56 +00:00
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" ,
"baseScore" : 7.8 ,
"baseSeverity" : "HIGH" ,
"attackVector" : "LOCAL" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "LOW" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
"availabilityImpact" : "HIGH"
} ,
"exploitabilityScore" : 1.8 ,
"impactScore" : 5.9
2025-02-11 17:04:06 +00:00
} ,
{
"source" : "134c704f-9b21-4f2e-91b3-4a467353bcc0" ,
"type" : "Secondary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" ,
"baseScore" : 7.8 ,
"baseSeverity" : "HIGH" ,
"attackVector" : "LOCAL" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "LOW" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
"availabilityImpact" : "HIGH"
} ,
"exploitabilityScore" : 1.8 ,
"impactScore" : 5.9
2025-01-14 19:03:56 +00:00
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-416"
}
]
2025-02-11 17:04:06 +00:00
} ,
{
"source" : "134c704f-9b21-4f2e-91b3-4a467353bcc0" ,
"type" : "Secondary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-416"
}
]
2025-01-14 19:03:56 +00:00
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "5.15.170" ,
"versionEndExcluding" : "5.15.174" ,
"matchCriteriaId" : "1984288E-8D42-413D-9278-5C8875307D85"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "6.1.115" ,
"versionEndExcluding" : "6.1.120" ,
"matchCriteriaId" : "D2892E46-4214-412A-8D0C-BBC3194625DB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "6.6.59" ,
"versionEndExcluding" : "6.6.64" ,
"matchCriteriaId" : "D9F69665-7078-4461-B0BD-45F68F40ADDC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "6.11.6" ,
"versionEndExcluding" : "6.11.11" ,
"matchCriteriaId" : "15C56677-BDE0-424A-8936-383473939A5B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "6.12" ,
"versionEndExcluding" : "6.12.2" ,
"matchCriteriaId" : "D8882B1B-2ABC-4838-AC1D-DBDBB5764776"
}
]
}
]
}
] ,
2024-12-27 15:03:44 +00:00
"references" : [
{
"url" : "https://git.kernel.org/stable/c/2dcc86fefe09ac853158afd96b60d544af115dc5" ,
2025-01-14 19:03:56 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-12-27 15:03:44 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/65ed89cad1f57034c256b016e89e8c0a4ec7c65b" ,
2025-01-14 19:03:56 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-12-27 15:03:44 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/6d845028609a4af0ad66f499ee0bd5789122b067" ,
2025-01-14 19:03:56 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-12-27 15:03:44 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/9a3c1ad93e6fba67b3a637cfa95a57a6685e4908" ,
2025-01-14 19:03:56 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-12-27 15:03:44 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/c31e72d021db2714df03df6c42855a1db592716c" ,
2025-01-14 19:03:56 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-12-27 15:03:44 +00:00
} ,
{
"url" : "https://git.kernel.org/stable/c/d0eb14cb8c08b00c36a3d5dc57a6f428b301f721" ,
2025-01-14 19:03:56 +00:00
"source" : "416baaa9-dc9f-4396-8d5f-8c081fb06d67" ,
"tags" : [
"Patch"
]
2024-12-27 15:03:44 +00:00
}
]
}
