CNVD-2024-14761 — Vulnetix

CNVD-2024-14761 PUBLISHED CVSS 7.800000190734863 HIGH

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux Kernel存在释放后重用漏洞，该漏洞源于删除mm/page-writeback.c中wb_inode_writeback_end中的设备会导致释放后重用。攻击者可利用该漏洞造成内存破坏从而改变进程行为。

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Red Hat	Red Hat Enterprise Linux 7
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	0:4.18.0-372.87.1.el8_6
		0
Red Hat	Red Hat Enterprise Linux 9
Red Hat	Red Hat Enterprise Linux 9
Red Hat	Red Hat Enterprise Linux 8
Red Hat	Red Hat Enterprise Linux 6
Red Hat	Red Hat Enterprise Linux 7
Red Hat	Red Hat Virtualization 4 for Red Hat Enterprise Linux 8	0:4.18.0-372.87.1.el8_6
Red Hat	Red Hat Enterprise Linux 8

Timeline

Oct 11, 2022 CVE Published
Jan 15, 2024 PoC Published
Feb 3, 2024 PoC Published
Jun 3, 2026 Distribution Patch
Jun 3, 2026 Security Advisory

References

RHSA-2024:0412 vendor-advisory
https://access.redhat.com/security/cve/CVE-2024-0562 vdb
RHBZ#2258475 issue
https://patchwork.kernel.org/project/linux-mm/patch/20220801155034.3772543-1-khazhy@google.com/ url

Open in Interactive Console →