CVE-2024-41087 - Double Free

Severity

78%

Complexity

18%

Confidentiality

98%

CVSS 3.1 Base Score 7.8. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Demo Examples

Double Free

CWE-415

Double Free

CWE-415

While contrived, this code should be exploitable on Linux distributions which do not ship with heap-chunk check summing turned on.


               
}
free(buf1R2);

Overview

First reported 6 months ago

2024-07-29 16:15:00

Last updated 3 months ago

2024-11-21 09:32:00

Affected Software

Linux Kernel

References

https://git.kernel.org/stable/c/290073b2b557e4dc21ee74a1e403d9ae79e393a2

https://git.kernel.org/stable/c/56f1c7e290cd6c69c948fcd2e2a49e6a637ec38f

https://git.kernel.org/stable/c/010de9acbea58fbcbda08e3793d6262086a493fe

https://git.kernel.org/stable/c/5dde5f8b790274723640d29a07c5a97d57d62047

https://git.kernel.org/stable/c/702c1edbafb2e6f9d20f6d391273b5be09d366a5

https://git.kernel.org/stable/c/062e256516d7db5e7dcdef117f52025cd5c456e3

https://git.kernel.org/stable/c/8106da4d88bbaed809e023cc8014b766223d6e76

https://git.kernel.org/stable/c/ab9e0c529eb7cafebdd31fe1644524e80a48b05d

https://git.kernel.org/stable/c/290073b2b557e4dc21ee74a1e403d9ae79e393a2

Patch

https://git.kernel.org/stable/c/56f1c7e290cd6c69c948fcd2e2a49e6a637ec38f

Patch

https://git.kernel.org/stable/c/010de9acbea58fbcbda08e3793d6262086a493fe

Patch

https://git.kernel.org/stable/c/5dde5f8b790274723640d29a07c5a97d57d62047

Patch

https://git.kernel.org/stable/c/702c1edbafb2e6f9d20f6d391273b5be09d366a5

Patch

https://git.kernel.org/stable/c/062e256516d7db5e7dcdef117f52025cd5c456e3

Patch

https://git.kernel.org/stable/c/8106da4d88bbaed809e023cc8014b766223d6e76

Patch

https://git.kernel.org/stable/c/ab9e0c529eb7cafebdd31fe1644524e80a48b05d

Patch

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.