CVE-2024-56672

CVSS 3.1 Score 7 of 10 (high)

Details

Published Dec 27, 2024
Updated: Jan 6, 2025
CWE ID 416

Summary

CVE-2024-56672 is a Linux kernel vulnerability affecting the blkcg subsystem. The issue lies in the function blkcg_unpin_online(), where the developer failed to read the parent pointer before destroying the blkcg, leading to a Use-After-Free (UAF) condition. The vulnerability was discovered during the destruction of a blkcg object, which was followed by a call to blkcg_parent(). Due to the order of these function calls, the blkcg was freed before the parent pointer was read, resulting in the UAF. The impact of this vulnerability is significant as it can lead to a crash or even potentially allow an attacker to execute arbitrary code. However, it is worth noting that the UAF is not easy to trigger, requiring artificial msleep() injection in blkcg_unpin_online(). The vulnerability has been mitigated by reading the parent pointer before destroying the blkg associated with the blkcg.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share