CVE-2024-50168

Summary

In the Linux kernel, the following vulnerability has been resolved:

net/sun3_82586: fix potential memory leak in sun3_82586_send_packet()

The sun3_82586_send_packet() returns NETDEV_TX_OK without freeing skb in case of skb->len being too long, add dev_kfree_skb() to fix it.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 137010d26dc5cd47cd62fef77cbe952d31951b7aaffected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 8d5b20fbc548650019afa96822b6a33ea4ec8aa5affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < db755e55349045375c5c7036e8650afb3ff419d8affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 9c6ce55e6f0bd1541f112833006b4052614c7d94affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1a17a4ac2d57102497fac53b53c666dba6a0c20daffected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 6dc937a3086e344f965ca5c459f8f3eb6b68d890affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 84f2bac74000dbb7a177d9b98a17031ec8d07ec5affected
LinuxLinux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2cb3f56e827abb22c4168ad0c1bbbf401bb2f3b8affected
LinuxLinux2.6.12affected
LinuxLinux0 < 2.6.12unaffected
LinuxLinux4.19.323 <= 4.19.*unaffected
LinuxLinux5.4.285 <= 5.4.*unaffected
LinuxLinux5.10.229 <= 5.10.*unaffected
LinuxLinux5.15.170 <= 5.15.*unaffected
LinuxLinux6.1.115 <= 6.1.*unaffected
LinuxLinux6.6.59 <= 6.6.*unaffected
LinuxLinux6.11.6 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References