CVE-2024-53103

hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer

Description

In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.

References

Link	Tags
https://git.kernel.org/stable/c/285266ef92f7b4bf7d26e1e95e215ce6a6badb4a	patch
https://git.kernel.org/stable/c/4fe1d42f2acc463b733bb42e3f8e67dbc2a0eb2d	patch
https://git.kernel.org/stable/c/414476c4fb11be070c09ab8f3e75c9ee324a108a	patch
https://git.kernel.org/stable/c/7cf25987820350cb950856c71b409e5b6eed52bd	patch
https://git.kernel.org/stable/c/98d8dde9232250a57ad5ef16479bf6a349e09b80	patch
https://git.kernel.org/stable/c/4bdc5a62c6e50600d8a1c3e18fd6dce0c27c9497	patch
https://git.kernel.org/stable/c/e0fe3392371293175f25028020ded5267f4cd8e3	patch
https://git.kernel.org/stable/c/8621725afb38e111969c64280b71480afde2aace	patch
https://git.kernel.org/stable/c/e629295bd60abf4da1db85b82819ca6a4f6c1e79	patch

Frequently Asked Questions

What is the severity of CVE-2024-53103?: CVE-2024-53103 has been scored as a high severity vulnerability.
How to fix CVE-2024-53103?: To fix CVE-2024-53103, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-53103 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2024-53103 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-53103?: CVE-2024-53103 affects Linux Linux, Linux Linux.

Description

Category

CWE-416 – Use After Free

References

Frequently Asked Questions