CVE-2024-27417
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()
It seems that if userspace provides a correct IFA_TARGET_NETNSID value but no IFA_ADDRESS and IFA_LOCAL attributes, inet6_rtm_getaddr() returns -EINVAL with an elevated "struct net" refcount.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 6ecf4c37eb3e89b0832c9616089a5cdca3747da7 < 9d4ffb5b9d879a75e4f7460e8b10e756b4dfb132 | affected |
| Linux | Linux | 6ecf4c37eb3e89b0832c9616089a5cdca3747da7 < 810fa7d5e5202fcfb22720304b755f1bdfd4c174 | affected |
| Linux | Linux | 6ecf4c37eb3e89b0832c9616089a5cdca3747da7 < 8a54834c03c30e549c33d5da0975f3e1454ec906 | affected |
| Linux | Linux | 6ecf4c37eb3e89b0832c9616089a5cdca3747da7 < 1b0998fdd85776775d975d0024bca227597e836a | affected |
| Linux | Linux | 6ecf4c37eb3e89b0832c9616089a5cdca3747da7 < 44112bc5c74e64f28f5a9127dc34066c7a09bd0f | affected |
| Linux | Linux | 6ecf4c37eb3e89b0832c9616089a5cdca3747da7 < 33a1b6bfef6def2068c8703403759024ce17053e | affected |
| Linux | Linux | 6ecf4c37eb3e89b0832c9616089a5cdca3747da7 < 10bfd453da64a057bcfd1a49fb6b271c48653cdb | affected |
| Linux | Linux | 4.20 | affected |
| Linux | Linux | 0 < 4.20 | unaffected |
| Linux | Linux | 5.4.271 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.212 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.151 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.81 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.21 <= 6.6.* | unaffected |
| Linux | Linux | 6.7.9 <= 6.7.* | unaffected |
| Linux | Linux | 6.8 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/9d4ffb5b9d879a75e4f7460e8b10e756b4dfb132
- https://git.kernel.org/stable/c/810fa7d5e5202fcfb22720304b755f1bdfd4c174
- https://git.kernel.org/stable/c/8a54834c03c30e549c33d5da0975f3e1454ec906
- https://git.kernel.org/stable/c/1b0998fdd85776775d975d0024bca227597e836a
- https://git.kernel.org/stable/c/44112bc5c74e64f28f5a9127dc34066c7a09bd0f
- https://git.kernel.org/stable/c/33a1b6bfef6def2068c8703403759024ce17053e
- https://git.kernel.org/stable/c/10bfd453da64a057bcfd1a49fb6b271c48653cdb
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
References
- https://git.kernel.org/stable/c/9d4ffb5b9d879a75e4f7460e8b10e756b4dfb132
- https://git.kernel.org/stable/c/810fa7d5e5202fcfb22720304b755f1bdfd4c174
- https://git.kernel.org/stable/c/8a54834c03c30e549c33d5da0975f3e1454ec906
- https://git.kernel.org/stable/c/1b0998fdd85776775d975d0024bca227597e836a
- https://git.kernel.org/stable/c/44112bc5c74e64f28f5a9127dc34066c7a09bd0f
- https://git.kernel.org/stable/c/33a1b6bfef6def2068c8703403759024ce17053e
- https://git.kernel.org/stable/c/10bfd453da64a057bcfd1a49fb6b271c48653cdb
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.