CVE-2024-41046

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: ethernet: lantiq_etop: fix double free in detach

The number of the currently released descriptor is never incremented which results in the same skb being released multiple times.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux504d4721ee8e432af4b5f196a08af38bc4dac5fe < 1a2db00a554cfda57c397cce79b2804bf9633fecaffected
LinuxLinux504d4721ee8e432af4b5f196a08af38bc4dac5fe < 907443174e76b854d28024bd079f0e53b94dc9a1affected
LinuxLinux504d4721ee8e432af4b5f196a08af38bc4dac5fe < 22b16618a80858b3a9d607708444426948cc4ae1affected
LinuxLinux504d4721ee8e432af4b5f196a08af38bc4dac5fe < 69ad5fa0ce7c548262e0770fc2b726fe7ab4f156affected
LinuxLinux504d4721ee8e432af4b5f196a08af38bc4dac5fe < c2b66e2b3939af63699e4a4bd25a8ac4a9b1d1b3affected
LinuxLinux504d4721ee8e432af4b5f196a08af38bc4dac5fe < 9d23909ae041761cb2aa0c3cb1748598d8b6bc54affected
LinuxLinux504d4721ee8e432af4b5f196a08af38bc4dac5fe < 84aaaa796a19195fc59290154fef9aeb1fba964faffected
LinuxLinux504d4721ee8e432af4b5f196a08af38bc4dac5fe < e1533b6319ab9c3a97dad314dd88b3783bc41b69affected
LinuxLinux3.0affected
LinuxLinux0 < 3.0unaffected
LinuxLinux4.19.318 <= 4.19.*unaffected
LinuxLinux5.4.280 <= 5.4.*unaffected
LinuxLinux5.10.222 <= 5.10.*unaffected
LinuxLinux5.15.163 <= 5.15.*unaffected
LinuxLinux6.1.100 <= 6.1.*unaffected
LinuxLinux6.6.41 <= 6.6.*unaffected
LinuxLinux6.9.10 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References