1. Home
  2. Vulnerabilities
  3. CVE-2024-0582

CVE-2024-0582

CVSS v3.1 7.8 (High)
78% Progress
EPSS 0.04 % (5th)
0.04% Progress
Affected Products 1
Advisories 4
NVD Status Modified
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

A memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap() it, and then frees it. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Weaknesses
CWE-416
Use After Free
CVE Status
PUBLISHED
NVD Status
Modified
CNA
Red Hat, Inc.
Published Date
2024-01-16 15:15:09
(8 months ago)
Updated Date
2024-05-01 18:15:12
(4 months ago)

Affected Products

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel from 6.4 version and prior 6.6.5 version cpe:2.3:o:linux:linux_kernel >= 6.4 < 6.6.5
  Linux Kernel 6.7 Rc1 cpe:2.3:o:linux:linux_kernel:6.7:rc1
  Linux Kernel 6.7 Rc2 cpe:2.3:o:linux:linux_kernel:6.7:rc2
  Linux Kernel 6.7 Rc3 cpe:2.3:o:linux:linux_kernel:6.7:rc3