CVE-2024-38554
ax25: Fix reference count leak issue of net_device
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issue of net_device There is a reference count leak issue of the object "net_device" in
ax25_dev_device_down(). When the ax25 device is shutting down, the
ax25_dev_device_down() drops the reference count of net_device one
or zero times depending on if we goto unlock_put or not, which will
cause memory leak. In order to solve the above issue, decrease the reference count of
net_device after dev->ax25_ptr is set to null.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ax25: Solucionar el problema de fuga del recuento de referencias de net_device Hay un problema de fuga del recuento de referencias del objeto "net_device" en ax25_dev_device_down(). Cuando el dispositivo ax25 se está apagando, ax25_dev_device_down() elimina el recuento de referencia de net_device una o cero veces dependiendo de si vamos a unlock_put o no, lo que provocará una pérdida de memoria. Para resolver el problema anterior, reduzca el recuento de referencias de net_device después de que dev->ax25_ptr se establezca en nulo.
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issue of net_device There is a reference count leak issue of the object "net_device" in ax25_dev_device_down(). When the ax25 device is shutting down, the ax25_dev_device_down() drops the reference count of net_device one or zero times depending on if we goto unlock_put or not, which will cause memory leak. In order to solve the above issue, decrease the reference count of net_device after dev->ax25_ptr is set to null.
Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-06-18 CVE Reserved
- 2024-06-19 CVE Published
- 2024-12-19 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/d01ffb9eee4af165d83b08dd73ebdf9fe94a519b | Vuln. Introduced | |
| https://git.kernel.org/stable/c/ef0a2a0565727a48f2e36a2c461f8b1e3a61922d | Vuln. Introduced | |
| https://git.kernel.org/stable/c/e2b558fe507a1ed4c43db2b0057fc6e41f20a14c | Vuln. Introduced | |
| https://git.kernel.org/stable/c/418993bbaafb0cd48f904ba68eeda052d624c821 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/5ea00fc60676c0eebfa8560ec461209d638bca9d | Vuln. Introduced | |
| https://git.kernel.org/stable/c/9af0fd5c4453a44c692be0cbb3724859b75d739b | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.17 < 6.1.93 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.17 < 6.1.93" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.17 < 6.6.33 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.17 < 6.6.33" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.17 < 6.8.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.17 < 6.8.12" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.17 < 6.9.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.17 < 6.9.3" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.17 < 6.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.17 < 6.10" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 4.14.277 Search vendor "Linux" for product "Linux Kernel" and version "4.14.277" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 4.19.240 Search vendor "Linux" for product "Linux Kernel" and version "4.19.240" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.4.190 Search vendor "Linux" for product "Linux Kernel" and version "5.4.190" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.10.112 Search vendor "Linux" for product "Linux Kernel" and version "5.10.112" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.15.35 Search vendor "Linux" for product "Linux Kernel" and version "5.15.35" | en |
Affected
| ||||||