CVE-2024-35858

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: bcmasp: fix memory leak when bringing down interface

When bringing down the TX rings we flush the rings but forget to reclaimed the flushed packets. This leads to a memory leak since we do not free the dma mapped buffers. This also leads to tx control block corruption when bringing down the interface for power management.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux490cb412007de593e07c1d3e2b1ec4233886707c < 09040baf8779ad880e0e0d0ea10e57aa929ef3abaffected
LinuxLinux490cb412007de593e07c1d3e2b1ec4233886707c < 2389ad1990163d29cba5480d693b4c2e31cc545caffected
LinuxLinux490cb412007de593e07c1d3e2b1ec4233886707c < 9f898fc2c31fbf0ac5ecd289f528a716464cb005affected
LinuxLinux6.6affected
LinuxLinux0 < 6.6unaffected
LinuxLinux6.6.30 <= 6.6.*unaffected
LinuxLinux6.8.9 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References