CVE-2024-27418
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
net: mctp: take ownership of skb in mctp_local_output
Currently, mctp_local_output only takes ownership of skb on success, and we may leak an skb if mctp_local_output fails in specific states; the skb ownership isn't transferred until the actual output routing occurs.
Instead, make mctp_local_output free the skb on all error paths up to the route action, so it always consumes the passed skb.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 833ef3b91de692ef33b800bca6b1569c39dece74 < a3c8fa54e904b0ddb52a08cc2d8ac239054f61fd | affected |
| Linux | Linux | 833ef3b91de692ef33b800bca6b1569c39dece74 < cbebc55ceacef1fc0651e80e0103cc184552fc68 | affected |
| Linux | Linux | 833ef3b91de692ef33b800bca6b1569c39dece74 < a639441c880ac479495e5ab37e3c29f21ae5771b | affected |
| Linux | Linux | 833ef3b91de692ef33b800bca6b1569c39dece74 < 3773d65ae5154ed7df404b050fd7387a36ab5ef3 | affected |
| Linux | Linux | 5.15 | affected |
| Linux | Linux | 0 < 5.15 | unaffected |
| Linux | Linux | 6.1.81 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.21 <= 6.6.* | unaffected |
| Linux | Linux | 6.7.9 <= 6.7.* | unaffected |
| Linux | Linux | 6.8 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/a3c8fa54e904b0ddb52a08cc2d8ac239054f61fd
- https://git.kernel.org/stable/c/cbebc55ceacef1fc0651e80e0103cc184552fc68
- https://git.kernel.org/stable/c/a639441c880ac479495e5ab37e3c29f21ae5771b
- https://git.kernel.org/stable/c/3773d65ae5154ed7df404b050fd7387a36ab5ef3
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/a3c8fa54e904b0ddb52a08cc2d8ac239054f61fd
- https://git.kernel.org/stable/c/cbebc55ceacef1fc0651e80e0103cc184552fc68
- https://git.kernel.org/stable/c/a639441c880ac479495e5ab37e3c29f21ae5771b
- https://git.kernel.org/stable/c/3773d65ae5154ed7df404b050fd7387a36ab5ef3
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.