Use After Free The advisory has been revoked - it doesn't affect any version of package kernel-tools-libs-devel (opens in a new tab)
Threat Intelligence
The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-CENTOS8-KERNELTOOLSLIBSDEVEL-6657270
- published18 Apr 2024
- disclosed17 Apr 2024
Introduced: 17 Apr 2024
CVE-2024-26866 (opens in a new tab)Amendment
The Centos security team deemed this advisory irrelevant for Centos:8.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-tools-libs-devel package and not the kernel-tools-libs-devel package as distributed by Centos.
In the Linux kernel, the following vulnerability has been resolved:
spi: lpspi: Avoid potential use-after-free in probe()
fsl_lpspi_probe() is allocating/disposing memory manually with spi_alloc_host()/spi_alloc_target(), but uses devm_spi_register_controller(). In case of error after the latter call the memory will be explicitly freed in the probe function by spi_controller_put() call, but used afterwards by "devm" management outside probe() (spi_unregister_controller() <- devm_spi_unregister() below).
Unable to handle kernel NULL pointer dereference at virtual address 0000000000000070 ... Call trace: kernfs_find_ns kernfs_find_and_get_ns sysfs_remove_group sysfs_remove_groups device_remove_attrs device_del spi_unregister_controller devm_spi_unregister release_nodes devres_release_all really_probe driver_probe_device __device_attach_driver bus_for_each_drv __device_attach device_initial_probe bus_probe_device deferred_probe_work_func process_one_work worker_thread kthread ret_from_fork
References
- https://access.redhat.com/security/cve/CVE-2024-26866
- https://git.kernel.org/stable/c/1543418e82789cc383cd36d41469983c64e3fc7f
- https://git.kernel.org/stable/c/2ae0ab0143fcc06190713ed81a6486ed0ad3c861
- https://git.kernel.org/stable/c/996ce839606afd0fef91355627868022aa73eb68
- https://git.kernel.org/stable/c/da83ed350e4604b976e94239b08d8e2e7eaee7ea