Lucene search
Ubuntu.comUB:CVE-2024-0584HistoryJan 16, 2024 - 12:00 a.m.
CVE-2024-0584
2024-01-1600:00:00
ubuntu.com
ubuntu.com
16
linux kernel
igmp_start_timer
net component
use-after-free
information leak
igmp querypacket
local privilege escalation
A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in
the network sub-component in the Linux Kernel. This flaw allows a local
user to observe a refcnt use-after-free issue when receiving an igmp query
packet, leading to a kernel information leak.
Bugs
- <https://bugzilla.redhat.com/show_bug.cgi?id=2258584>
- <https://bugzilla.suse.com/show_bug.cgi?id=1218857>
Notes
| Author | Note |
|---|---|
| Priority reason: By using unprivileged user namespaces, this can be exploited to achieve local privilege escalation. | |
| cache-use-only | duplicates CVE-2023-6932 |
References
access.redhat.com/security/cve/CVE-2024-0584
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0584
git.kernel.org/linus/e2b706c691905fe78468c361aaabc719d0a496f1 (6.7-rc4)
launchpad.net/bugs/cve/CVE-2024-0584
lore.kernel.org/netdev/170083982540.9628.4546899811301303734.git-patchwork-notify@kernel.org/T/
nvd.nist.gov/vuln/detail/CVE-2024-0584
security-tracker.debian.org/tracker/CVE-2024-0584
Related
nvd
nvd
CVE-2024-0584
2024-01-16 14:15:49
CVE-2023-6932
2023-12-19 14:15:08
prion
prion
Design/Logic Flaw
2024-01-16 14:15:00
Race condition
2023-12-19 14:15:00
cve
cve
CVE-2024-0584
2024-01-16 14:15:49
CVE-2023-6932
2023-12-19 14:15:08
cvelist
cvelist
CVE-2024-0584
2024-01-16 14:02:02
CVE-2023-6932 Use-after-free in Linux kernel's ipv4: igmp component
2023-12-19 14:09:15
cbl_mariner
cbl_mariner
CVE-2024-0584 affecting package kernel for versions less than 5.15.153.1-1
2024-04-09 20:48:36
CVE-2023-6932 affecting package kernel for versions less than 5.15.143.1-1
2024-01-19 03:54:24
CVE-2023-6932 affecting package kernel for versions less than 6.6.29.1-4
2024-06-21 09:32:44
nessus
nessus
osv
osv
linux vulnerability
2024-01-25 19:32:56
linux-aws vulnerabilities
2024-01-25 20:24:48
linux-kvm vulnerabilities
2024-01-29 22:43:38
debiancve
debiancve
CVE-2023-6932
2023-12-19 14:15:08
CVE-2024-0584
2024-01-16 14:15:49
ubuntucve
ubuntucve
CVE-2023-6932
2023-12-19 00:00:00
openvas
openvas
ubuntu
ubuntu
Linux kernel vulnerability
2024-01-25 00:00:00
Linux kernel (AWS) vulnerabilities
2024-01-25 00:00:00
Linux kernel (KVM) vulnerabilities
2024-01-29 00:00:00
redhatcve
redhatcve
CVE-2023-6932
2023-12-19 21:46:48
CVE-2024-0584
2024-01-16 12:22:00
amazon
amazon
Important: kernel
2024-01-03 21:04:00
Important: kernel
2024-01-03 22:37:00
ibm
ibm
ics
ics
Siemens SIMATIC S7-1500
2024-04-11 12:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-4.0-0548
2024-01-13 00:00:00
Important Photon OS Security Update - PHSA-2024-3.0-0713
2024-01-16 00:00:00
Critical Photon OS Security Update - PHSA-2024-5.0-0187
2024-01-09 00:00:00
redhat
redhat
(RHSA-2024:0725) Important: kernel-rt security update
2024-02-07 16:03:29
(RHSA-2024:0723) Important: kernel security update
2024-02-07 16:01:23
cloudlinux
cloudlinux
kernel: Fix of 13 CVEs
2024-01-17 12:32:48
kernel: Fix of 13 CVEs
2024-01-17 12:28:37
chrome
chrome
Stable Channel Update for ChromeOS / ChromeOS Flex
2024-02-07 00:00:00
debian
debian
[SECURITY] [DLA 3711-1] linux-5.10 security update
2024-01-11 17:58:27
[SECURITY] [DSA 5594-1] linux security update
2024-01-02 21:05:08