CVE-2024-0584 Information

Description

A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet leading to a kernel information leak.

Reference

https://access.redhat.com/security/cve/CVE-2024-0584 https://bugzilla.redhat.com/show_bug.cgi?id=2258584 https://lore.kernel.org/netdev/170083982540.9628.4546899811301303734.git-patchwork-notify@kernel.org/T/