CVE-2024-56554

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 27, 2024
Updated: Jan 14, 2025
CWE ID 416

Summary

CVE-2024-56554 is a use-after-free vulnerability affecting the Linux kernel's binder subsystem. Specifically, it was identified in the function `binder_release_work()`, where the cleaning up of a binder reference did not adequately handle any queued "freeze" work. This issue resulted in a situation where the reference was freed while its `ref->freeze.work` was still queued in `proc->work`, leading to a use-after-free condition. The vulnerability was discovered through a KASAN report, which detailed the affected CPU and process information, as well as the call trace leading to the issue. This vulnerability has been addressed through a commit that ensures any queued freeze work is removed when cleaning up a binder reference.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share