CVE-2024-44986

Summary

In the Linux kernel, the following vulnerability has been resolved:

ipv6: fix possible UAF in ip6_finish_output2()

If skb_expand_head() returns NULL, skb has been freed and associated dst/idev could also have been freed.

We need to hold rcu_read_lock() to make sure the dst and associated idev are alive.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5796015fa968a3349027a27dcd04c71d95c53ba5 < e891b36de161fcd96f12ff83667473e5067b9037affected
LinuxLinux5796015fa968a3349027a27dcd04c71d95c53ba5 < 3574d28caf9a09756ae87ad1ea096c6f47b6101eaffected
LinuxLinux5796015fa968a3349027a27dcd04c71d95c53ba5 < 6ab6bf731354a6fdbaa617d1ec194960db61cf3baffected
LinuxLinux5796015fa968a3349027a27dcd04c71d95c53ba5 < 56efc253196751ece1fc535a5b582be127b0578aaffected
LinuxLinux5796015fa968a3349027a27dcd04c71d95c53ba5 < da273b377ae0d9bd255281ed3c2adb228321687baffected
LinuxLinuxded37d03440d0ab346a8287cc2ba88b8dc90ceb0affected
LinuxLinux2323690eb05865a657709f4d28eb9538ea97bfc2affected
LinuxLinuxb34c668a867ffdcf8bd8db4a36512572e82b4a15affected
LinuxLinux5.4.137 < 5.5affected
LinuxLinux5.10.55 < 5.11affected
LinuxLinux5.13.7 < 5.14affected
LinuxLinux5.14affected
LinuxLinux0 < 5.14unaffected
LinuxLinux5.15.166 <= 5.15.*unaffected
LinuxLinux6.1.107 <= 6.1.*unaffected
LinuxLinux6.6.48 <= 6.6.*unaffected
LinuxLinux6.10.7 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References