Linux Kernel: IOCTL Memory Corruption via Signal Interruption
CVE-2024-23354 Published on May 6, 2024

Use After Free in Graphics Linux
Memory corruption when the IOCTL call is interrupted by a signal.

NVD

Vulnerability Analysis

CVE-2024-23354 is exploitable with local system access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

LOCAL

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

What is a Dangling pointer Vulnerability?

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

CVE-2024-23354 has been classified to as a Dangling pointer vulnerability or weakness.

Products Associated with CVE-2024-23354

Want to know whenever a new CVE is published for Google Android? stack.watch will email you.

Google Android

Affected Versions

Qualcomm, Inc. Snapdragon:

Version FastConnect 6700 is affected.
Version FastConnect 6900 is affected.
Version FastConnect 7800 is affected.
Version Flight RB5 5G Platform is affected.
Version QAM8255P is affected.
Version QAM8650P is affected.
Version QAM8775P is affected.
Version QAMSRV1H is affected.
Version QAMSRV1M is affected.
Version QCA6391 is affected.
Version QCA6574 is affected.
Version QCA6574A is affected.
Version QCA6574AU is affected.
Version QCA6595 is affected.
Version QCA6595AU is affected.
Version QCA6696 is affected.
Version QCA6698AQ is affected.
Version QCA6797AQ is affected.
Version QCM4325 is affected.
Version QCM4490 is affected.
Version QCM8550 is affected.
Version QCS4490 is affected.
Version QCS7230 is affected.
Version QCS8550 is affected.
Version QRB5165N is affected.
Version Qualcomm Video Collaboration VC5 Platform is affected.
Version Robotics RB5 Platform is affected.
Version SA6155P is affected.
Version SA7255P is affected.
Version SA8155P is affected.
Version SA8195P is affected.
Version SA8255P is affected.
Version SA8620P is affected.
Version SA8650P is affected.
Version SA8770P is affected.
Version SA8775P is affected.
Version SA9000P is affected.
Version SD 8 Gen1 5G is affected.
Version SG4150P is affected.
Version SG8275P is affected.
Version SM8550P is affected.
Version Snapdragon 4 Gen 2 Mobile Platform is affected.
Version Snapdragon 680 4G Mobile Platform is affected.
Version Snapdragon 685 4G Mobile Platform (SM6225-AD) is affected.
Version Snapdragon 8 Gen 1 Mobile Platform is affected.
Version Snapdragon 8 Gen 2 Mobile Platform is affected.
Version Snapdragon 8+ Gen 1 Mobile Platform is affected.
Version Snapdragon 8+ Gen 2 Mobile Platform is affected.
Version Snapdragon AR2 Gen 1 Platform is affected.
Version Snapdragon W5+ Gen 1 Wearable Platform is affected.
Version SRV1H is affected.
Version SRV1M is affected.
Version SSG2115P is affected.
Version SSG2125P is affected.
Version SW5100 is affected.
Version SW5100P is affected.
Version SXR1230P is affected.
Version SXR2230P is affected.
Version SXR2250P is affected.
Version TalynPlus is affected.
Version WCD9370 is affected.
Version WCD9375 is affected.
Version WCD9380 is affected.
Version WCD9385 is affected.
Version WCD9390 is affected.
Version WCD9395 is affected.
Version WCN3950 is affected.
Version WCN3988 is affected.
Version WSA8810 is affected.
Version WSA8815 is affected.
Version WSA8830 is affected.
Version WSA8832 is affected.
Version WSA8835 is affected.
Version WSA8840 is affected.
Version WSA8845 is affected.
Version WSA8845H is affected.

qualcomm snapdragon:

Version Numerous is affected.

qualcomm fastconnect_6700_firmware:

Version - is affected.

qualcomm fastconnect_6900_firmware:

Version - is affected.

qualcomm fastconnect_7800_firmware:

Version - is affected.

qualcomm flight_rb5_5g_platform_firmware:

Version - is affected.

qualcomm qam8255p_firmware:

Version - is affected.

qualcomm qam8650p_firmware:

Version - is affected.

qualcomm qam8775p_firmware:

Version - is affected.

qualcomm qamsrv1h_firmware:

Version - is affected.

qualcomm qamsrv1m_firmware:

Version - is affected.

qualcomm qca6391_firmware:

Version - is affected.

qualcomm qca6574_firmware:

Version - is affected.

qualcomm qca6574a_firmware:

Version - is affected.

qualcomm qca6574au_firmware:

Version - is affected.

qualcomm qca6595_firmware:

Version - is affected.

qualcomm qca6595au_firmware:

Version - is affected.

qualcomm qca6696_firmware:

Version - is affected.

qualcomm qca6698aq_firmware:

Version - is affected.

qualcomm qca6797aq_firmware:

Version - is affected.

qualcomm qcm4325_firmware:

Version - is affected.

qualcomm qcm4490_firmware:

Version - is affected.

qualcomm qcm8550_firmware:

Version - is affected.

qualcomm qcs4490_firmware:

Version - is affected.

qualcomm qcs7230_firmware:

Version - is affected.

qualcomm qcs8550_firmware:

Version - is affected.

qualcomm qrb5165n_firmware:

Version - is affected.

qualcomm_video_collaboration_vc5_platform_firmware:

Version - is affected.

qualcomm robotics_rb5_platform_firmware:

Version - is affected.

qualcomm sa6155p_firmware:

Version - is affected.

qualcomm sa7255p_firmware:

Version - is affected.

qualcomm sa8155p_firmware:

Version - is affected.

qualcomm sa8195p_firmware:

Version - is affected.

qualcomm sa8620p_firmware:

Version - is affected.

qualcomm sa8650p_firmware:

Version - is affected.

qualcomm sa8770p_firmware:

Version - is affected.

qualcomm sa8775p_firmware:

Version - is affected.

qualcomm sa9000p_firmware:

Version - is affected.

qualcomm sd_8_gen1_5g_firmware:

Version - is affected.

qualcomm sg8275p_firmware:

Version - is affected.

qualcomm sm8550p_firmware:

Version - is affected.

qualcomm snapdragon_4_gen_2_mobile_platform_firmware:

Version - is affected.

qualcomm snapdragon_680_4g_mobile_platform_firmware:

Version - is affected.

qualcomm snapdragon_8_gen_1_mobile_platform_firmware:

Version - is affected.

qualcomm snapdragon_8_gen_2_mobile_platform_firmware:

Version - is affected.

qualcomm srv1h_firmware:

Version - is affected.

Exploit Probability

EPSS

0.13%

Percentile

32.98%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Linux Kernel: IOCTL Memory Corruption via Signal InterruptionCVE-2024-23354 Published on May 6, 2024

Vulnerability Analysis

Weakness Type

What is a Dangling pointer Vulnerability?

Products Associated with CVE-2024-23354

Affected Versions

Exploit Probability

Linux Kernel: IOCTL Memory Corruption via Signal Interruption
CVE-2024-23354 Published on May 6, 2024