CVE-2024-42075

{"id": "CVE-2024-42075", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-07-29T16:15:06.900", "references": [{"url": "https://git.kernel.org/stable/c/87496a1b01e8e2e399428c0db25e106f7961d01e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b90d77e5fd784ada62ddd714d15ee2400c28e1cf", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/87496a1b01e8e2e399428c0db25e106f7961d01e", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/b90d77e5fd784ada62ddd714d15ee2400c28e1cf", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-416"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix remap of arena.\n\nThe bpf arena logic didn't account for mremap operation. Add a refcnt for\nmultiple mmap events to prevent use-after-free in arena_vm_close."}, {"lang": "es", "value": " En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: bpf: Se corrigi\u00f3 la reasignaci\u00f3n de arena. La l\u00f3gica de bpf arena no tuvo en cuenta la operaci\u00f3n de mremap. Agregue un refcnt para m\u00faltiples eventos mmap para evitar el uso despu\u00e9s de la liberaci\u00f3n en arena_vm_close."}], "lastModified": "2024-11-21T09:33:32.477", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18FE1EAE-C36C-49FC-A5E0-0A661CDC561E", "versionEndExcluding": "6.9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1557DCF8-46D3-4910-8B19-5C77412AB681", "versionEndExcluding": "6.9.8", "versionStartIncluding": "6.9.1"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}