CVE-2024-53165

Severity: High (CVSS 3.1 base score 7.8)
EPSS: 15.7%
Published: Dec 27, 2024
Last Modified: Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

sh: intc: Fix use-after-free bug in register_intc_controller()

In the error handling for this function, d is freed without ever removing it from intc_list, which would lead to a use after free. To fix this, let's only add it to the list after everything has succeeded.
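The pattern in the description, as an added example that is not the kernel's code: a userspace model in which a static pool with a live flag stands in for the kernel allocator, so the stale list entry can be counted without touching freed memory. Only intc_list and d come from the description; every other name is hypothetical.

```c
/* Userspace model, constructed for illustration; not kernel source. */
#include <stddef.h>
#include <string.h>

struct ctrl { struct ctrl *next; int live; };  /* live == 0 models freed memory */

static struct ctrl pool[4];                    /* stand-in for the allocator */
static struct ctrl *intc_list;                 /* global list named in the description */

static struct ctrl *ctrl_alloc(void) {
    for (size_t i = 0; i < 4; i++)
        if (!pool[i].live) { pool[i].live = 1; pool[i].next = NULL; return &pool[i]; }
    return NULL;
}
static void ctrl_free(struct ctrl *d) { d->live = 0; }
static void list_add(struct ctrl *d) { d->next = intc_list; intc_list = d; }

/* Before the fix: d is published first, then freed on the error path. */
static int register_buggy(int setup_fails) {
    struct ctrl *d = ctrl_alloc();
    if (!d) return -1;
    list_add(d);
    if (setup_fails) { ctrl_free(d); return -1; }  /* d is still on intc_list */
    return 0;
}

/* After the fix: d is published only once every step has succeeded. */
static int register_fixed(int setup_fails) {
    struct ctrl *d = ctrl_alloc();
    if (!d) return -1;
    if (setup_fails) { ctrl_free(d); return -1; }  /* never reached the list */
    list_add(d);
    return 0;
}

/* Count list entries that point at freed objects: what a later walker would touch. */
static int dangling_entries(void) {
    int n = 0;
    for (struct ctrl *p = intc_list; p; p = p->next)
        if (!p->live) n++;
    return n;
}

/* Return the model to its initial state between scenarios. */
static void reset(void) { memset(pool, 0, sizeof pool); intc_list = NULL; }
```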

CVSS Details

Base Score: 7.8
Exploitability: 1.8
Impact: 5.9
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Threat Intelligence

EPSS Exploit Probability: 15.7% percentile
Exploit & Patch Status: No Known Exploit, Patch Available

Weaknesses 1

CWE-416: Use After Free (Memory Safety)

Affected Products 8

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥2.6.30 – <4.19.325
linux   linux_kernel  *        ≥4.20 – <5.4.287
linux   linux_kernel  *        ≥5.5 – <5.10.231
linux   linux_kernel  *        ≥5.11 – <5.15.174
linux   linux_kernel  *        ≥5.16 – <6.1.120
linux   linux_kernel  *        ≥6.2 – <6.6.64
linux   linux_kernel  *        ≥6.7 – <6.11.11
linux   linux_kernel  *        ≥6.12 – <6.12.2

References 10

  • git.kernel.org https://git.kernel.org/stable/c/3c7c806b3eafd94ae0f77305a174d63b69ec187c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/588bdec1ff8b81517dbae0ae51c9df52c0b952d3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/63e72e551942642c48456a4134975136cdcb9b3c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6ba6e19912570b2ad68298be0be1dc779014a303
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/971b4893457788e0e123ea552f0bb126a5300e61
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b8b84dcdf3ab1d414304819f824b10efba64132c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c3f4f4547fb291982f5ef56c048277c4d5ccc4e4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c43df7dae28fb9fce96ef088250c1e3c3a77c527
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d8de818df12d86a1a26a8efd7b4b3b9c6dc3c5cc
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
