CVE-2024-26734

Summary

CVE-2024-26734 is a vulnerability affecting the Linux kernel. This issue involves a use-after-free and memory leak problem in the devlink initialization function, devlink_init(). The flaw arises due to the failure to properly register the pernet operations structure for the subsystem prior to registering the netlink family. If the subsystem registration is unsuccessful, a memory leak and use-after-free condition occur. To mitigate this issue, it is recommended to ensure proper registration of the pernet operations structure before attempting to register the netlink family.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.