macsec: Fix use-after-free while sending the offloading packet
CVE-2024-50261

7.8HIGH

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
9 November 2024

What is CVE-2024-50261?

A serious vulnerability has been identified in the Linux kernel where a use-after-free condition occurs while sending offloading packets related to the macsec functionality. This issue arises because the SCI value stored in metadata_dst is prematurely freed, leading to potential memory corruption. The kernel's KASAN tool reports this flaw, highlighting that the existing implementation in macsec should not immediately release metadata_dst if it is still referenced by the socket buffer (skb). An appropriate fix has been introduced to address this issue and prevent the associated risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 0a28bfd4971fd570d1f3e4653b21415becefc92c < 872932cf75cf859804370a265dd58118129386fa

Linux 0a28bfd4971fd570d1f3e4653b21415becefc92c < 9f5ae743dbe9a2458540a7d35fff0f990df025cf

Linux 0a28bfd4971fd570d1f3e4653b21415becefc92c < 4614640f1d5c93c22272117dc256e9940ccac8e8

References

https://git.kernel.org/stable/c/872932cf75cf859804370a265...
https://git.kernel.org/stable/c/9f5ae743dbe9a2458540a7d35...
https://git.kernel.org/stable/c/4614640f1d5c93c22272117dc...

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.