CVE-2024-27417

Summary

In the Linux kernel, the following vulnerability has been resolved:

ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()

It seems that if userspace provides a correct IFA_TARGET_NETNSID value but no IFA_ADDRESS and IFA_LOCAL attributes, inet6_rtm_getaddr() returns -EINVAL with an elevated "struct net" refcount.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6ecf4c37eb3e89b0832c9616089a5cdca3747da7 < 9d4ffb5b9d879a75e4f7460e8b10e756b4dfb132affected
LinuxLinux6ecf4c37eb3e89b0832c9616089a5cdca3747da7 < 810fa7d5e5202fcfb22720304b755f1bdfd4c174affected
LinuxLinux6ecf4c37eb3e89b0832c9616089a5cdca3747da7 < 8a54834c03c30e549c33d5da0975f3e1454ec906affected
LinuxLinux6ecf4c37eb3e89b0832c9616089a5cdca3747da7 < 1b0998fdd85776775d975d0024bca227597e836aaffected
LinuxLinux6ecf4c37eb3e89b0832c9616089a5cdca3747da7 < 44112bc5c74e64f28f5a9127dc34066c7a09bd0faffected
LinuxLinux6ecf4c37eb3e89b0832c9616089a5cdca3747da7 < 33a1b6bfef6def2068c8703403759024ce17053eaffected
LinuxLinux6ecf4c37eb3e89b0832c9616089a5cdca3747da7 < 10bfd453da64a057bcfd1a49fb6b271c48653cdbaffected
LinuxLinux4.20affected
LinuxLinux0 < 4.20unaffected
LinuxLinux5.4.271 <= 5.4.*unaffected
LinuxLinux5.10.212 <= 5.10.*unaffected
LinuxLinux5.15.151 <= 5.15.*unaffected
LinuxLinux6.1.81 <= 6.1.*unaffected
LinuxLinux6.6.21 <= 6.6.*unaffected
LinuxLinux6.7.9 <= 6.7.*unaffected
LinuxLinux6.8 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References