CVE-2024-56642: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-56642 is a use-after-free vulnerability discovered in the Linux kernel's TIPC (Transparent Inter-Process Communication) module, specifically in the cleanup_bearer() function. The vulnerability was reported by syzkaller and affects Linux kernel versions from 4.2 up to versions before 5.4.287, 5.10.231, 5.15.174, 6.1.120, and 6.6.66 (NVD).

The vulnerability occurs when bearer_disable() calls tipc_udp_disable(), where the cleanup of the UDP kernel socket is deferred by work calling cleanup_bearer(). The issue arises because the work decrements the count too early before releasing the kernel socket, which unblocks cleanup_net() and results in a use-after-free condition. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability could potentially lead to privilege escalation, denial of service, or information leaks in affected Linux systems. The high CVSS score indicates significant potential impact on system confidentiality, integrity, and availability when exploited (NVD).

The vulnerability has been fixed by moving the decrement operation after releasing the socket in cleanup_bearer(). Users are advised to upgrade to patched kernel versions: 5.4.287 or later, 5.10.231 or later, 5.15.174 or later, 6.1.120 or later, or 6.6.66 or later. The fix has been backported to various stable kernel branches (Kernel Patch).