CVE-2024-56675

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 27, 2024
Updated: Feb 10, 2025
CWE ID 416

Summary

CVE-2024-56675 is a Linux kernel vulnerability that has been addressed. The issue lies in the bpf (Berkeley Packet Filter) component, where a mismatch between the RCU flavor used to free a bpf_prog and the RCU flavor protecting its attachment can result in a Use-After-Free (UAF) condition. Specifically, uprobes always run their programs through bpf_prog_run_array_uprobe() under tasks-trace-RCU protection, yet non-sleepable BPF programs can be attached to them. When such an attachment is removed, the bpf_prog is freed via normal RCU. This leads to UAF of the bpf_prog, because a normal RCU grace period does not guarantee that a tasks-trace-RCU grace period has elapsed. The vulnerability has been mitigated by explicitly waiting for a tasks-trace-RCU grace period before removing bpf_prog attachments from perf_events.
