CVE-2024-44098

High CVSS 7.4

Overview

In lwis_device_event_states_clear_locked of lwis_event.c, there is a possible privilege escalation due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CWE: CWE-415 Published: 2024-10-25T11:15:16.170

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 7.4 (HIGH)
Detected tags: double_free, priv_esc (tag impact: HIGH)

Recommended actions:

Fix privilege escalation urgently.
Enforce least-privilege and strengthen EDR detection.

Overview

Recommended tools

Tags