CVE - CVE-2024-50264

CVE-ID
CVE-2024-50264	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans During loopback communication, a dangling pointer can be created in vsk->trans, potentially leading to a Use-After-Free condition. This issue is resolved by initializing vsk->trans to NULL.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/2a6a4e69f255b7aed17f93995691ab4f0d3c2203 URL:https://git.kernel.org/stable/c/2a6a4e69f255b7aed17f93995691ab4f0d3c2203 MISC:https://git.kernel.org/stable/c/44d29897eafd0e1196453d3003a4d5e0b968eeab URL:https://git.kernel.org/stable/c/44d29897eafd0e1196453d3003a4d5e0b968eeab MISC:https://git.kernel.org/stable/c/5f092a4271f6dccf88fe0d132475a17b69ef71df URL:https://git.kernel.org/stable/c/5f092a4271f6dccf88fe0d132475a17b69ef71df MISC:https://git.kernel.org/stable/c/5f970935d09934222fdef3d0e20c648ea7a963c1 URL:https://git.kernel.org/stable/c/5f970935d09934222fdef3d0e20c648ea7a963c1 MISC:https://git.kernel.org/stable/c/6ca575374dd9a507cdd16dfa0e78c2e9e20bd05f URL:https://git.kernel.org/stable/c/6ca575374dd9a507cdd16dfa0e78c2e9e20bd05f MISC:https://git.kernel.org/stable/c/b110196fec44fe966952004bd426967c2a8fd358 URL:https://git.kernel.org/stable/c/b110196fec44fe966952004bd426967c2a8fd358 MISC:https://git.kernel.org/stable/c/eb1bdcb7dfc30b24495ee4c5533af0ed135cb5f1 URL:https://git.kernel.org/stable/c/eb1bdcb7dfc30b24495ee4c5533af0ed135cb5f1 MISC:https://git.kernel.org/stable/c/fd8ae346692a56b4437d626c5460c7104980f389 URL:https://git.kernel.org/stable/c/fd8ae346692a56b4437d626c5460c7104980f389
Assigning CNA
kernel.org
Date Record Created
20241021	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20241021)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.