CVE-2024-56766

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 6, 2025

Updated: Jan 9, 2025

CWE ID 415

Summary

CVE-2024-56766 is a linux kernel vulnerability affecting the mtd (Memory Technology Device) subsystem's rawnand component. The issue stems from a double free vulnerability in the function atmel_pmecc_create_user(). Prior to its resolution, the "user" pointer was allocated using kzalloc(), but was later freed using kfree(). This sequence of actions results in a double free scenario, potentially leading to memory corruption and unintended system behavior.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Linux Kernel

Affected Vendors

LINUX

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/2AeDtt
https://www.cve.org/CVERecord?id=CVE-2024-56766
https://nvd.nist.gov/vuln/detail/CVE-2024-56766

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners