CVE-2024-56606

ADVISORY - nist

Summary

In the Linux kernel, the following vulnerability has been resolved:

af_packet: avoid erroring out after sock_init_data() in packet_create()

After sock_init_data() the allocated sk object is attached to the provided sock object. On error, packet_create() frees the sk object leaving the dangling pointer in the sock object on return. Some other code may try to use this pointer and cause use-after-free.

EPSS Score: 0.00236 (0.146)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Use After Free

ADVISORY - redhat

Use After Free


Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in