6.7.2

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

linux

CWE-416

NVD

Published: 2024-03-11

Updated: 2024-12-12

Summary

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix module loading free order Reverse order of kfree calls to resolve use-after-free error.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 6.7 Linux Linux Kernel 6.7.1 Linux Linux Kernel 6.7.2	11

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://git.kernel.org/stable/c/2fa79badf4bfeffda6b5032cf62b828486ec9a99
https://git.kernel.org/stable/c/2fa79badf4bfeffda6b5032cf62b828486ec9a99
https://git.kernel.org/stable/c/78996eee79ebdfe8b6f0e54cb6dcc792d5129291
https://git.kernel.org/stable/c/78996eee79ebdfe8b6f0e54cb6dcc792d5129291