CVE-2024-58055
Published: 06 March 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2024-58055 is a double-free vulnerability in the Linux kernel's USB gadget f_tcm driver. The issue arises when a command is freed before its sense status has completed, which can lead to a second free of the same command structure. It affects the f_tcm (TCM USB gadget function) component, which handles USB gadget emulation for SCSI target functionality. The vulnerability is tracked under CWE-415 (Double Free) and has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
The vulnerability is exploitable by a local attacker with low privileges; attack complexity is low and no user interaction is required. Successful exploitation could result in high-impact confidentiality, integrity, and availability violations, such as memory corruption, kernel crashes, or potential privilege escalation through manipulated memory reuse.
Mitigation involves applying the upstream kernel patches referenced in the stable commit logs, such as those at https://git.kernel.org/stable/c/16907219ad6763f401700e1b57b2da4f3e07f047 and similar commits. These patches ensure the command is not freed until after the sense status completion, preventing the double-free condition. Security practitioners should update affected Linux kernels to incorporate these fixes.
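Before scheduling the kernel update, it helps to know whether a host carries the f_tcm driver at all. The following triage check is an added example, not part of the advisory or the kernel project: it reads a kernel config file and a `/proc/modules` listing and reports whether the driver is built in, loaded as a module, merely available, or absent. The config symbol `CONFIG_USB_F_TCM`, the module name `usb_f_tcm` and the `/boot/config-<release>` path are assumptions taken from the upstream kernel tree and common distribution layout, not from this page.

```shell
#!/bin/sh
# Added triage example (not from the advisory). CONFIG_USB_F_TCM and the
# usb_f_tcm module name are assumptions taken from the upstream kernel tree.

# f_tcm_exposure CONFIG_FILE MODULES_FILE
# Prints: builtin | module-loaded | module-available | absent | unknown
f_tcm_exposure() {
    cfg=$1
    mods=$2
    # Without a readable kernel config we cannot tell; say so explicitly.
    [ -r "$cfg" ] || { echo unknown; return 0; }

    # "=y" means built into the kernel image, "=m" built as a module.
    # A "# CONFIG_USB_F_TCM is not set" line or no line means not built.
    state=$(sed -n 's/^CONFIG_USB_F_TCM=\([ym]\)$/\1/p' "$cfg" | head -n 1)

    case $state in
        y) echo builtin ;;
        m)
            # /proc/modules: field 1 is the module name. An exact match on
            # that field avoids hits on similarly named modules.
            if [ -r "$mods" ] &&
               awk '$1 == "usb_f_tcm" { hit = 1 } END { exit !hit }' "$mods"
            then
                echo module-loaded
            else
                echo module-available
            fi
            ;;
        *) echo absent ;;
    esac
}

# Check the running kernel; the /boot/config-<release> path is a common
# distribution convention and may differ on your system.
f_tcm_exposure_live() {
    f_tcm_exposure "/boot/config-$(uname -r)" /proc/modules
}

# Run against the live system only when asked to.
if [ "${1:-}" = "--live" ]; then
    f_tcm_exposure_live
fi
```

A result other than `absent` means the host still needs the patched kernel; the check says nothing about whether the fix is already applied, since this page lists no fixed versions.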
Details
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Double-free in Linux kernel USB gadget driver enables local memory corruption leading to privilege escalation (T1068).