CVE-2024-44986
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
ipv6: fix possible UAF in ip6_finish_output2()
If skb_expand_head() returns NULL, skb has been freed and associated dst/idev could also have been freed.
We need to hold rcu_read_lock() to make sure the dst and associated idev are alive.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 5796015fa968a3349027a27dcd04c71d95c53ba5 < e891b36de161fcd96f12ff83667473e5067b9037 | affected |
| Linux | Linux | 5796015fa968a3349027a27dcd04c71d95c53ba5 < 3574d28caf9a09756ae87ad1ea096c6f47b6101e | affected |
| Linux | Linux | 5796015fa968a3349027a27dcd04c71d95c53ba5 < 6ab6bf731354a6fdbaa617d1ec194960db61cf3b | affected |
| Linux | Linux | 5796015fa968a3349027a27dcd04c71d95c53ba5 < 56efc253196751ece1fc535a5b582be127b0578a | affected |
| Linux | Linux | 5796015fa968a3349027a27dcd04c71d95c53ba5 < da273b377ae0d9bd255281ed3c2adb228321687b | affected |
| Linux | Linux | ded37d03440d0ab346a8287cc2ba88b8dc90ceb0 | affected |
| Linux | Linux | 2323690eb05865a657709f4d28eb9538ea97bfc2 | affected |
| Linux | Linux | b34c668a867ffdcf8bd8db4a36512572e82b4a15 | affected |
| Linux | Linux | 5.4.137 < 5.5 | affected |
| Linux | Linux | 5.10.55 < 5.11 | affected |
| Linux | Linux | 5.13.7 < 5.14 | affected |
| Linux | Linux | 5.14 | affected |
| Linux | Linux | 0 < 5.14 | unaffected |
| Linux | Linux | 5.15.166 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.107 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.48 <= 6.6.* | unaffected |
| Linux | Linux | 6.10.7 <= 6.10.* | unaffected |
| Linux | Linux | 6.11 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
- https://git.kernel.org/stable/c/e891b36de161fcd96f12ff83667473e5067b9037
- https://git.kernel.org/stable/c/3574d28caf9a09756ae87ad1ea096c6f47b6101e
- https://git.kernel.org/stable/c/6ab6bf731354a6fdbaa617d1ec194960db61cf3b
- https://git.kernel.org/stable/c/56efc253196751ece1fc535a5b582be127b0578a
- https://git.kernel.org/stable/c/da273b377ae0d9bd255281ed3c2adb228321687b
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.