CVE-2024-46696

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Sep 13, 2024
CWE ID 416

Summary

CVE-2024-46696 identifies a vulnerability in the Linux kernel related to a potential Use After Free (UAF) in the function nfsd4_cb_getattr_release. This weakness may allow local attackers with low privileges to access unsafe memory references after delegation has been dropped, posing significant risks to data integrity and confidentiality. The base severity of this vulnerability is rated as high, with a CVSS score of 7.8, indicating potential for serious impact on affected systems. To remediate this issue, users should apply the patches provided in the linked references from the Linux kernel repository. Organizations utilizing affected versions of the Linux kernel are advised to prioritize these updates to mitigate security risks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share