Home > Vulnerability Database > CVE-2024-0582

Mend.io Vulnerability Database

CVE-2024-0582

Good to know:

Date: January 16, 2024

A memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap() it, and then frees it. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Language: C

Severity Score

7.8

Related Resources (7)

Url: https://bugs.chromium.org/p/project-zero/issues/detail?id=2504

Url: https://access.redhat.com/security/cve/CVE-2024-0582

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-0582

Url: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c392cbecd8eca4c53f2bf508731257d9d0a21c2d

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2254050

Url: http://www.openwall.com/lists/oss-security/2024/04/24/3

Url: https://www.mend.io/vulnerability-database/CVE-2024-0582

Severity Score

7.8

Weakness Type (CWE)

Use After Free

CWE-416

Top Fix

Upgrade Version

Upgrade to version v6.6.5

Learn More

CVSS v3.1

Base Score:	7.8
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2024-0582

Good to know:

Date: January 16, 2024

Language: C

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?