CVE-2024-46738: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-46738 is a use-after-free vulnerability discovered in the Linux kernel's VMCI (Virtual Machine Communication Interface) driver. The vulnerability was disclosed on September 18, 2024, affecting Linux kernel versions from 3.9 through 6.10.10. The issue occurs in the vmciresourceremove() function when removing resources from the vmciresourcetable (NVD).

The vulnerability stems from improper resource handling in the vmciresourceremove() function. When removing a resource from vmciresourcetable, the function only compares context and resource fields of the handle, without checking the resource type. This allows creation of two resources with different types but the same handle (same context and resource fields). When attempting to remove one resource, vmciresourceremove() may remove the wrong one, leading to a use-after-free condition when the object is freed in vmcidatagramdestroyhandle() while vmciresource_table still holds a pointer to the freed resource (Kernel Patch).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH), with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. This indicates that the vulnerability requires local access but can lead to high impacts on confidentiality, integrity, and availability of the system (NVD).

The vulnerability has been patched by adding a type check when removing resources from vmciresourcetable in vmciresourceremove(). The fix ensures that both the handle and resource type match before removal. Users should update their Linux kernel to a patched version. The fix has been backported to multiple stable kernel versions (Kernel Patch).