CVE-2024-50170

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: bcmasp: fix potential memory leak in bcmasp_xmit()

The bcmasp_xmit() returns NETDEV_TX_OK without freeing skb in case of mapping fails, add dev_kfree_skb() to fix it.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux490cb412007de593e07c1d3e2b1ec4233886707c < 7218de0778aefbbbcfe474a55f88bbf6f244627daffected
LinuxLinux490cb412007de593e07c1d3e2b1ec4233886707c < f689f20d3e09f2d4d0a2c575a9859115a33e68bdaffected
LinuxLinux490cb412007de593e07c1d3e2b1ec4233886707c < fed07d3eb8a8d9fcc0e455175a89bc6445d6faedaffected
LinuxLinux6.6affected
LinuxLinux0 < 6.6unaffected
LinuxLinux6.6.59 <= 6.6.*unaffected
LinuxLinux6.11.6 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References