CVE-2024-26800 | Linux Kernel up to 6.6.20/6.7.8 tls crypto_aead_decrypt use after free (81be85353b0f/1ac9fb84bc7e)

Inserito da Angelo Barbosa | Apr 4, 2024 | CVE

A vulnerability was found in Linux Kernel up to 6.6.20/6.7.8 and classified as problematic. This issue affects the function crypto_aead_decrypt of the component tls. The manipulation leads to use after free.

The identification of this vulnerability is CVE-2024-26800. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-26800 | Linux Kernel up to 6.6.20/6.7.8 tls crypto_aead_decrypt use after free (81be85353b0f/1ac9fb84bc7e)

Post correlati

CVE-2024-5700 | Mozilla Firefox up to 126 memory corruption

CVE-2022-39997 | Teldats RS123/RS123w weak password

CVE-2024-20081 | MediaTek MT8678 Gnss Service out-of-bounds write (MSV-1412 / ALPS08719602)

CVE-2023-49411 | Tenda W30E 16.01.0.12(4843) formDeleteMeshNode stack-based overflow