Use-After-Free Vulnerability in Linux Kernel's IGMP Component

Use-After-Free Vulnerability in Linux Kernel's IGMP Component

CVE-2024-0584 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.