CVE-2024-56603

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-56603
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56603.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-56603
Downstream
Related
Published
2024-12-27T14:51:08.923Z
Modified
2026-03-20T12:38:39.961024Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
net: af_can: do not leave a dangling sk pointer in can_create()
Details

In the Linux kernel, the following vulnerability has been resolved:

net: afcan: do not leave a dangling sk pointer in cancreate()

On error cancreate() frees the allocated sk object, but sockinit_data() has already attached it to the provided sock object. This will leave a dangling sk pointer in the sock object and may cause use-after-free later.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56603.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0d66548a10cbbe0ef256852d63d30603f0f73f9b
Fixed
884ae8bcee749be43a071d6ed2d89058dbd2425c
Fixed
ce39b5576785bb3e66591145aad03d66bc3e778d
Fixed
1fe625f12d090d69f3f084990c7e4c1ff94bfe5f
Fixed
5947c9ac08f0771ea8ed64186b0d52e9029cb6c0
Fixed
db207d19adbac96058685f6257720906ad41d215
Fixed
8df832e6b945e1ba61467d7f1c9305e314ae92fe
Fixed
811a7ca7320c062e15d0f5b171fe6ad8592d1434

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56603.json"