CVE-2024-42280

Summary

In the Linux kernel, the following vulnerability has been resolved:

mISDN: Fix a use after free in hfcmulti_tx()

Don't dereference *sp after calling dev_kfree_skb(*sp).

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxaf69fb3a8ffa37e986db00ed93099dc44babeef4 < 70db2c84631f50e02e6b32b543700699dd395803affected
LinuxLinuxaf69fb3a8ffa37e986db00ed93099dc44babeef4 < d3e4d4a98c5629ccdcb762a0ff6c82ba9738a0c3affected
LinuxLinuxaf69fb3a8ffa37e986db00ed93099dc44babeef4 < 9460ac3dd1ae033bc2b021a458fb535a0c36ddb2affected
LinuxLinuxaf69fb3a8ffa37e986db00ed93099dc44babeef4 < 8f4030277dfb9dbe04fd78566b19931097c9d629affected
LinuxLinuxaf69fb3a8ffa37e986db00ed93099dc44babeef4 < 4d8b642985ae24f4b3656438eb8489834a17bb80affected
LinuxLinuxaf69fb3a8ffa37e986db00ed93099dc44babeef4 < ddc79556641ee070d36be0de4a1f0a16a71f1fc7affected
LinuxLinuxaf69fb3a8ffa37e986db00ed93099dc44babeef4 < 7e4a539bca7d8d20f2c5d93c18cce8ef77cd78e0affected
LinuxLinuxaf69fb3a8ffa37e986db00ed93099dc44babeef4 < 61ab751451f5ebd0b98e02276a44e23a10110402affected
LinuxLinux2.6.27affected
LinuxLinux0 < 2.6.27unaffected
LinuxLinux4.19.320 <= 4.19.*unaffected
LinuxLinux5.4.282 <= 5.4.*unaffected
LinuxLinux5.10.224 <= 5.10.*unaffected
LinuxLinux5.15.165 <= 5.15.*unaffected
LinuxLinux6.1.103 <= 6.1.*unaffected
LinuxLinux6.6.44 <= 6.6.*unaffected
LinuxLinux6.10.3 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References