CVE-2024-56772
Linux Kernel vulnerability analysis and mitigation

Overview

CVE-2024-56772 is a Use-After-Free (UAF) vulnerability discovered in the Linux kernel's KUnit testing framework. The vulnerability was identified in the kunit_init_suite() function and affects Linux kernel versions from 6.7 up to (excluding) 6.12.4. The issue was disclosed on January 8, 2025, and stems from improper memory management in the string-stream handling functionality (NVD).

Technical details

The vulnerability occurs in kunit_debugfs_create_suite() when alloc_string_stream() fails during the kunit_suite_for_each_test_case() loop. The issue arises because 'suite->log = stream' is assigned before the error handling, but the error path only frees the suite->log's stream memory without setting it to NULL. This leads to a Use-After-Free condition when string_stream_clear() of suite->log is called in kunit_init_suite(). The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (High) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

Impact

When exploited, this vulnerability can lead to a kernel panic and system crash. The issue manifests as an inability to handle kernel paging requests, resulting in a fatal exception. An attacker with local access could use it to cause system instability or potentially execute arbitrary code with kernel privileges (Kernel Patch).

Mitigation and workarounds

The vulnerability has been patched by setting the stream pointer to NULL after freeing it. The fix was implemented in the Linux kernel by adding proper NULL assignments after string_stream_destroy() calls. Users are advised to upgrade to Linux kernel version 6.12.4 or later, which contains the security fix (Kernel Patch).
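
The error-path pattern described under Technical details, and the NULL-after-free fix, reduced to a userspace C model. This is an added example, not the kernel's code: the static pool allocator, struct layouts, function names and the pointer guard in the init path are assumptions, chosen so the stale pointer can be inspected without undefined behaviour.

```c
#include <stdbool.h>
#include <stdio.h>

/* Userspace model: streams live in a static pool so a stale pointer can be
 * examined safely. All names and layouts here are illustrative. */
struct string_stream { bool live; };
struct suite { struct string_stream *log; };
static struct string_stream pool[4];

static struct string_stream *alloc_stream(bool fail)
{
    for (int i = 0; !fail && i < 4; i++)
        if (!pool[i].live) { pool[i].live = true; return &pool[i]; }
    return NULL;
}

static void destroy_stream(struct string_stream *s) { if (s) s->live = false; }

/* Create path: the suite log is assigned first, then a per-test-case
 * allocation may fail and the error path destroys the suite log.
 * clear_ptr selects the patched behaviour (NULL the pointer after destroy). */
static int create_suite(struct suite *s, bool fail_tc_alloc, bool clear_ptr)
{
    struct string_stream *tc_log;

    s->log = alloc_stream(false);
    if (!s->log)
        return -1;
    tc_log = alloc_stream(fail_tc_alloc);
    if (tc_log) {
        destroy_stream(tc_log);   /* model keeps no per-test-case log */
        return 0;
    }
    destroy_stream(s->log);       /* error path frees the suite log */
    if (clear_ptr)
        s->log = NULL;            /* the fix: leave no stale pointer behind */
    return -1;
}

/* Later init path: clears the log whenever the pointer is set (assumed guard).
 * Returns true if that clear would run on an already destroyed stream. */
static bool init_uses_freed_log(const struct suite *s)
{
    return s->log != NULL && !s->log->live;
}

int main(void)
{
    struct suite a = { 0 }, b = { 0 };
    create_suite(&a, true, false);
    create_suite(&b, true, true);
    printf("unpatched UAF: %d, patched UAF: %d\n",
           init_uses_freed_log(&a), init_uses_freed_log(&b));
    return 0;
}
```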


Source: This report was generated using AI

Related Linux Kernel vulnerabilities:

| CVE ID | Severity | Score | Technologies | Component name | CISA KEV exploit | Has fix | Published date |
|---|---|---|---|---|---|---|---|
| CVE-2025-40344 | N/A | N/A | Linux Kernel | kernel-debug-modules-internal | No | Yes | Dec 09, 2025 |
| CVE-2025-40343 | N/A | N/A | Linux Kernel | kernel-64k-debug-devel | No | Yes | Dec 09, 2025 |
| CVE-2025-40342 | N/A | N/A | Linux Kernel | kernel-64k-debug-devel-matched | No | Yes | Dec 09, 2025 |
| CVE-2025-40341 | N/A | N/A | Linux Kernel | kernel-rt-64k-debug-modules-extra | No | Yes | Dec 09, 2025 |
| CVE-2025-40340 | N/A | N/A | Linux Kernel | kernel-rt-64k-debug-kvm | No | Yes | Dec 09, 2025 |
