NuytsTech Security

CVE-2024-0217

by ·

A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any previously stored data in this memory region is considered lost.

More information : https://access.redhat.com/security/cve/CVE-2024-0217

Attack vector : LOCAL
Attack complexity : LOW
Privileges required : LOW
User interaction : NONE
Confidentiality impact : NONE
Integrity impact : NONE
Base score : 3.3
Base severity : LOW
Exploitability score : 1.8
Impact score : 1.4

Tags: