Summary: Researchers have disclosed a high-severity vulnerability (CVE-2024-36972, CVSS 7.5) in the Linux kernelβs af_unix component, which can lead to kernel crashes and privilege escalation. This double free vulnerability could potentially be exploited by attackers, allowing for risks like container escape. A proof-of-concept exploit has been made available, highlighting the urgent need for system administrators to upgrade their systems.
Affected: Linux kernel versions v6.8 to v6.9, v5.15.147, v6.1.78, v6.6.17
Keypoints :
- Vulnerability resides in the unix_gc() function, allowing lockless reference drops under specific conditions.
- An exploit can manipulate memory to achieve kernel control flow manipulation.
- Immediate upgrades to patched kernel versions are essential to mitigate risks.