Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: mISDN: Fix a use after free in hfcmulti_tx() Don't dereference *sp after calling dev_kfree_skb(*sp).
CVSS Score
7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 2.6.27, < 4.19.320 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/4d8b642985ae24f4b3656438eb8489834a17bb80Patch
- https://git.kernel.org/stable/c/61ab751451f5ebd0b98e02276a44e23a10110402Patch
- https://git.kernel.org/stable/c/70db2c84631f50e02e6b32b543700699dd395803Patch
- https://git.kernel.org/stable/c/7e4a539bca7d8d20f2c5d93c18cce8ef77cd78e0Patch
- https://git.kernel.org/stable/c/8f4030277dfb9dbe04fd78566b19931097c9d629Patch
- https://git.kernel.org/stable/c/9460ac3dd1ae033bc2b021a458fb535a0c36ddb2Patch
- https://git.kernel.org/stable/c/d3e4d4a98c5629ccdcb762a0ff6c82ba9738a0c3Patch
- https://git.kernel.org/stable/c/ddc79556641ee070d36be0de4a1f0a16a71f1fc7Patch
- https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
FAQ
What is CVE-2024-42280?
CVE-2024-42280 is a vulnerability with a CVSS score of 7.8 (HIGH). In the Linux kernel, the following vulnerability has been resolved: mISDN: Fix a use after free in hfcmulti_tx() Don't dereference *sp after calling dev_kfree_skb(*sp).
How severe is CVE-2024-42280?
CVE-2024-42280 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-42280?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.