Skip to main content

Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

CVE-2024-0646 | Mondoo Vulnerability Intelligence

CVE-2024-0646

HIGH7.0

Kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination

Published Jan 17, 2024

Modified 2 months ago

No fix available

Details

An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system.

References

ADVISORYhttps://access.redhat.com/errata/RHSA-2024:0723 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:0724 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:0725 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:0850 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:0851 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:0876 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:0881 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:0897 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:1248 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:1250 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:1251 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:1253 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:1268 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:1269 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:1278 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:1306 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:1367 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:1368 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:1377 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:1382 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:1404 ADVISORYhttps://access.redhat.com/errata/RHSA-2024:2094 WEBhttps://access.redhat.com/security/cve/CVE-2024-0646 WEBhttps://bugzilla.redhat.com/show_bug.cgi?id=2253908 WEBhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5a595000e267 WEBhttps://lists.debian.org/debian-lts-announce/2024/06/msg00016.html ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2024-0646

CVSS Analysis

CVSS v3.1

7.0

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

HighAC:H

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

7/CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Weakness Type (CWE)

Memory Safety

Out-of-bounds Write

Ecosystems

Timeline

PublishedJan 17, 2024

ModifiedNov 6, 2025