CVE-2024-58055
Published: 06 March 2025
Summary
CVE-2024-58055 is a high-severity Double Free (CWE-415) vulnerability in the Linux kernel. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 2.5th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 CM-7 (Least Functionality) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Directly requires timely identification, reporting, and correction of flaws such as the double-free in the f_tcm USB gadget driver via kernel patching.
Prohibits or restricts nonessential kernel capabilities like the vulnerable f_tcm USB gadget driver module unless required for operations.
Implements memory protections such as ASLR and guard pages that mitigate exploitation of the double-free vulnerability through memory corruption prevention.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Double-free in Linux kernel USB gadget driver enables local memory corruption leading to privilege escalation (T1068).
NVD Description
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_tcm: Don't free command immediately Don't prematurely free the command. Wait for the status completion of the sense status. It can be freed then. Otherwise we will double-free the command.
Deeper analysis
CVE-2024-58055 is a double-free vulnerability in the Linux kernel's USB gadget f_tcm driver. The issue arises when a command is prematurely freed before the completion of its sense status, leading to a potential double-free of the command structure. This affects the f_tcm (TCM USB gadget function) component, which handles USB gadget emulation for SCSI target functionality. The vulnerability is tracked under CWE-415 (Double Free) and has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
A local attacker with low privileges can exploit this vulnerability; attack complexity is low and no user interaction is required. Successful exploitation could result in high-impact confidentiality, integrity, and availability violations, such as memory corruption, kernel crashes, or potential privilege escalation through manipulated memory reuse.
Mitigation involves applying the upstream kernel patches referenced in the stable commit logs, such as those at https://git.kernel.org/stable/c/16907219ad6763f401700e1b57b2da4f3e07f047 and similar commits. These patches ensure the command is not freed until after the sense status completion, preventing the double-free condition. Security practitioners should update affected Linux kernels to incorporate these fixes.
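The ownership rule behind the fix, shown as an added user-space model that is not the kernel's code and not part of the original page: the command is released only when the sense status completes. All names (`struct cmd`, `cmd_free`, `send_sense_status`, `run_command`) are hypothetical, and a one-slot pool stands in for the allocator so the second free is counted rather than performed.

```c
#include <stdbool.h>
#include <stdio.h>
/* Simplified user-space model; every name is hypothetical, not the driver's.
 * A one-slot pool lets a second free be detected instead of corrupting memory. */
struct cmd {
    bool in_use;      /* slot is currently allocated */
    int  free_calls;  /* number of release attempts on this command */
};
static struct cmd pool;

static struct cmd *cmd_alloc(void)
{
    pool.in_use = true;
    pool.free_calls = 0;
    return &pool;
}

/* Returns false when the command was already released (double free). */
static bool cmd_free(struct cmd *c)
{
    c->free_calls++;
    if (!c->in_use)
        return false;
    c->in_use = false;
    return true;
}

/* Queue the sense status. The flawed variant releases the command here,
 * while the pending status transfer still refers to it. */
static void send_sense_status(struct cmd *c, bool free_immediately)
{
    if (free_immediately)
        cmd_free(c);
}

/* Returns the number of frees, negated if a double free was detected. */
int run_command(bool free_immediately)
{
    struct cmd *c = cmd_alloc();
    send_sense_status(c, free_immediately);
    /* Status completion is the last user of the command, so it frees it. */
    return cmd_free(c) ? c->free_calls : -c->free_calls;
}

int main(void)
{
    printf("premature free: %d, free on completion: %d\n",
           run_command(true), run_command(false));
    return 0;
}
```

A negative result marks the path where the completion handler frees a command that was already released.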
Details
- CWE(s)