CVE-2024-26739

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Apr 3, 2024

Updated: Jan 7, 2025

CWE ID 416

Summary

CVE-2024-26739 is a vulnerability affecting the Linux kernel's net/sched component. The issue arises when the 'act_mirred' function attempts to override a return value, but this action is not necessary or appropriate in all cases. If 'tcf_mirred_forward()' has not been called yet, setting the return code to 'SHOT' will cause a use-after-free condition. To address this issue, the return value override has been moved to the error path where it is required.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uk5-Im
https://www.cve.org/CVERecord?id=CVE-2024-26739
https://nvd.nist.gov/vuln/detail/CVE-2024-26739

Back to Vulnerability Database

CVE-2024-26739

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations