CVE-2024-56672
High

In the Linux kernel, the following vulnerability has been resolved:

blk-cgroup: Fix UAF in blkcg_unpin_online()

blkcg_unpin_online() walks up the blkcg hierarchy putting the online pin. To walk up, it uses blkcg_parent(blkcg) but it was calling that after blkcg_destroy_blkgs(blkcg) which could free the blkcg, leading to the following UAF:

  ==================================================================
  BUG: KASAN: slab-use-after-free in blkcg_unpin_online+0x15a/0x270
  Read of size 8 at addr ffff8881057678c0 by task kworker/9:1/117

  CPU: 9 UID: 0 PID: 117 Comm: kworker/9:1 Not tainted 6.13.0-rc1-work-00182-gb8f52214c61a-dirty #48
  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS unknown 02/02/2022
  Workqueue: cgwb_release cgwb_release_workfn
  Call Trace:
   <TASK>
   dump_stack_lvl+0x27/0x80
   print_report+0x151/0x710
   kasan_report+0xc0/0x100
   blkcg_unpin_online+0x15a/0x270
   cgwb_release_workfn+0x194/0x480
   process_scheduled_works+0x71b/0xe20
   worker_thread+0x82a/0xbd0
   kthread+0x242/0x2c0
   ret_from_fork+0x33/0x70
   ret_from_fork_asm+0x1a/0x30
   </TASK>
  ...
  Freed by task 1944:
   kasan_save_track+0x2b/0x70
   kasan_save_free_info+0x3c/0x50
   __kasan_slab_free+0x33/0x50
   kfree+0x10c/0x330
   css_free_rwork_fn+0xe6/0xb30
   process_scheduled_works+0x71b/0xe20
   worker_thread+0x82a/0xbd0
   kthread+0x242/0x2c0
   ret_from_fork+0x33/0x70
   ret_from_fork_asm+0x1a/0x30

Note that the UAF is not easy to trigger as the free path is indirected behind a couple RCU grace periods and a work item execution. I could only trigger it with artificial msleep() injected in blkcg_unpin_online().

Fix it by reading the parent pointer before destroying the blkcg's blkg's.
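A simplified userspace model of the ordering problem described above, added here as an example; it is not the kernel's code or the patch. The `node`, `pool`, `freed`, `setup` and `unpin_walk` names are constructed for the model, and `destroy()` assumes the worst case in which the node is always freed, modelled by poisoning so that no real freed memory is touched.

```c
#include <string.h>

/* Constructed userspace model of the ordering bug; not kernel code. */
struct node {
    struct node *parent;   /* what blkcg_parent() would return */
    int pin;               /* stands in for the online pin */
};

#define NNODES 3
static struct node pool[NNODES];   /* stands in for slab memory */
static int freed[NNODES];          /* shadow state, as KASAN keeps */

/* Models blkcg_destroy_blkgs(): node may be gone on return (poisoned here). */
static void destroy(struct node *n)
{
    freed[n - pool] = 1;
    memset(n, 0x6b, sizeof(*n));
}

/* Build the chain pool[0] <- pool[1] <- pool[2], each holding one pin. */
struct node *setup(void)
{
    memset(freed, 0, sizeof(freed));
    for (int i = 0; i < NNODES; i++) {
        pool[i].parent = i ? &pool[i - 1] : NULL;
        pool[i].pin = 1;
    }
    return &pool[NNODES - 1];
}

/* Returns nodes released, or -1 if the walk would read a freed node. */
int unpin_walk(struct node *n, int read_parent_first)
{
    int released = 0;
    while (n && --n->pin == 0) {
        struct node *parent = NULL;
        if (read_parent_first)
            parent = n->parent;        /* fixed order: read, then destroy */
        destroy(n);
        released++;
        if (!read_parent_first) {
            if (freed[n - pool])
                return -1;             /* pre-fix order: read after free */
            parent = n->parent;
        }
        n = parent;
    }
    return released;
}
```

With the parent read first the walk releases all three nodes; with the pre-fix ordering it stops at the first node, which is the read KASAN flags in the report above.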
CVSS 3.1 score
7.0
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness type
CWE-416
CVE-2024-56672 is a Use After Free vulnerability
What is Use After Free?
The product references memory after it has been freed, which may cause it to crash, use unexpected values, or execute code.
Affected versions
Linux kernel versions 5.7 and later are affected. Fixed in 5.10.234, 5.15.177, 6.1.121, 6.6.67, 6.12.6, 6.13 and their respective stable series.
References
The following references provide additional information about CVE-2024-56672 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.
- Patch: Kernel patch commit https://git.kernel.org/stable/c/29d1e06560f0f6179062ac638b4064deb637d1ad
- Patch: Kernel patch commit https://git.kernel.org/stable/c/5baa28569c924d9a90d036c2aaab79f791fedaf8
- Patch: Kernel patch commit https://git.kernel.org/stable/c/64afc6fe24c9896c0153e5a199bcea241ecb0d5c
Frequently asked questions
- What is CVE-2024-56672?
  CVE-2024-56672 is a High severity Linux kernel vulnerability with a CVSS score of 7.0 out of 10, classified as a Use After Free flaw (CWE-416). It affects Linux kernel versions from 5.7 onward and has been patched in 5.10.234, 5.15.177, 6.1.121 and others. CVE-2024-56672 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
- What is the CVSS score for CVE-2024-56672?
  CVE-2024-56672 has a CVSS score of 7.0 out of 10, rated High severity (CVSS 3.1). The vector string is CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H.
- Is there a patch available for CVE-2024-56672?
  Yes, CVE-2024-56672 has been patched. Fixed versions include 5.10.234, 5.15.177, 6.1.121 and others. If you are running a Linux kernel from 5.7 onward that is older than the fixed release for its branch, apply the relevant patch for your kernel branch.
- Is CVE-2024-56672 actively exploited?
  No, CVE-2024-56672 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.
- What is Use After Free (CWE-416)?
  The product references memory after it has been freed, which may cause it to crash, use unexpected values, or execute code.