CVE-2024-50167

Summary

In the Linux kernel, the following vulnerability has been resolved:

be2net: fix potential memory leak in be_xmit()

The be_xmit() returns NETDEV_TX_OK without freeing skb in case of be_xmit_enqueue() fails, add dev_kfree_skb_any() to fix it.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux760c295e0e8d982917d004c9095cff61c0cbd803 < 941026023c256939943a47d1c66671526befbb26affected
LinuxLinux760c295e0e8d982917d004c9095cff61c0cbd803 < 6b7ce8ee01c33c380aaa5077ff25215492e7eb0eaffected
LinuxLinux760c295e0e8d982917d004c9095cff61c0cbd803 < 77bc881d370e850b7f3cd2b5eae67d596b40efbcaffected
LinuxLinux760c295e0e8d982917d004c9095cff61c0cbd803 < 919ab6e2370289a2748780f44a43333cd3878aa7affected
LinuxLinux760c295e0e8d982917d004c9095cff61c0cbd803 < 4c5f170ef4f85731a4d43ad9a6ac51106c0946beaffected
LinuxLinux760c295e0e8d982917d004c9095cff61c0cbd803 < 641c1beed52bf3c6deb0193fe4d38ec9ff75d2aeaffected
LinuxLinux760c295e0e8d982917d004c9095cff61c0cbd803 < e86a79b804e26e3b7f1e415b22a085c0bb7ea3d3affected
LinuxLinux760c295e0e8d982917d004c9095cff61c0cbd803 < e4dd8bfe0f6a23acd305f9b892c00899089bd621affected
LinuxLinux4.2affected
LinuxLinux0 < 4.2unaffected
LinuxLinux4.19.323 <= 4.19.*unaffected
LinuxLinux5.4.285 <= 5.4.*unaffected
LinuxLinux5.10.229 <= 5.10.*unaffected
LinuxLinux5.15.170 <= 5.15.*unaffected
LinuxLinux6.1.115 <= 6.1.*unaffected
LinuxLinux6.6.59 <= 6.6.*unaffected
LinuxLinux6.11.6 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References