VDB
ASB-A-343727534
ASB-A-343727534
PUBLISHED
CVSS 8.600000381469727 HIGH
In __dst_negative_advice of sock.h, there is a possible failure to clear sk->sk_dst_cache in the correct order resulting in a use after free. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.
Risk Scores
CVSS v4.0
8.600000381469727
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | :linux_kernel: | :0, Kernel, :0 |
Timeline
- Aug 1, 2024 CVE Published
- May 15, 2026 CVE Updated
References
- https://source.android.com/security/bulletin/2024-08-01 advisory
- https://android.googlesource.com/kernel/common/+/41a05cfc0e471cea173345622375b672edd8ed3c patch
- https://android.googlesource.com/kernel/common/+/dd432c37afcddde2295aa3b3afc3ab293dbefaf8 patch
- https://android.googlesource.com/kernel/common/+/079d4f3ff06b21f99aed51d8b22534bdfda5a134 patch
- https://android.googlesource.com/kernel/common/+/3856ad0c3e3028d54c8dac960dec411e45c13146 patch
- https://android.googlesource.com/kernel/common/+/51e48339d74bc7c4e94fd813fc3e61e0fc0c43ae patch
- https://android.googlesource.com/kernel/common/+/bda79d62f01fdd3398efe0886faa4eb6330889f6 patch
- https://android.googlesource.com/kernel/common/+/b8932254b9b2f02620e96572fee9c615c1db2bc3 patch
- https://android.googlesource.com/kernel/common/+/9b0dadc811eb0140a61734cde73498c1dd574fa1 patch
- https://android.googlesource.com/kernel/common/+/9a84d60e35317c5799ebcbf1c6872f0a2b7d6006 patch
- https://android.googlesource.com/kernel/common/+/bd2bcb81d4ebcffd4e56bb8dfe3e3d4c871928f5 patch
- https://android.googlesource.com/kernel/common/+/a7462d7032e5ed971980180c6a5aadc8ad700331 patch