CVE-2024-47675

Published: Oct 21, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() If bpf_link_prime() fails, bpf_uprobe_multi_link_attach() goes to the error_free label and frees the array of bpf_uprobe's without calling bpf_uprobe_unregister(). This leaks bpf_uprobe->uprobe and worse, this frees bpf_uprobe->consumer without removing it from the uprobe->consumers list.

Vendor	Product	Versions
Linux	Linux	affected `89ae89f53d201143560f1e9ed4bfa62eee34f88e - < 790c630ab0e7d7aba6d186581d4627c09fce60f3` affected `89ae89f53d201143560f1e9ed4bfa62eee34f88e - < 7c1d782e5afbf7c50ba74ecc4ddc18a05d63e5ee` affected `89ae89f53d201143560f1e9ed4bfa62eee34f88e - < cdf27834c3dd5d9abf7eb8e4ee87ee9e307eb25c` affected `89ae89f53d201143560f1e9ed4bfa62eee34f88e - < 5fe6e308abaea082c20fbf2aa5df8e14495622cf`
Linux	Linux	affected `6.6` unaffected `0 - < 6.6` unaffected `6.6.54 - <= 6.6.` unaffected `6.10.13 - <= 6.10.` unaffected `6.11.2 - <= 6.11.*` +1 more versions

References

https://git.kernel.org/stable/c/790c630ab0e7d7aba6d186581d4627c09fce60f3

https://git.kernel.org/stable/c/7c1d782e5afbf7c50ba74ecc4ddc18a05d63e5ee

https://git.kernel.org/stable/c/cdf27834c3dd5d9abf7eb8e4ee87ee9e307eb25c

https://git.kernel.org/stable/c/5fe6e308abaea082c20fbf2aa5df8e14495622cf

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-47675

Description

Affected Products

References