CVE-2024-56603 Common Vulnerabilities and Exposures

Upstream information

CVE-2024-56603 at MITRE

Description

In the Linux kernel, the following vulnerability has been resolved:

net: af_can: do not leave a dangling sk pointer in can_create()

On error can_create() frees the allocated sk object, but sock_init_data()
has already attached it to the provided sock object. This will leave a
dangling sk pointer in the sock object and may cause use-after-free later.

SUSE information

Overall state of this security issue: Does not affect SUSE products

SUSE Bugzilla entry: 1235415 [NEW]

No SUSE Security Announcements cross referenced.

SUSE Timeline for this CVE

CVE page created: Wed Jan 8 14:10:13 2025
CVE page last modified: Wed Jan 8 14:10:13 2025