CVE-2024-50168

net/sun3_82586: fix potential memory leak in sun3_82586_send_packet()

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

net/sun3_82586: fix potential memory leak in sun3_82586_send_packet()

The sun3_82586_send_packet() returns NETDEV_TX_OK without freeing skb
in case of skb->len being too long, add dev_kfree_skb() to fix it.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/sun3_82586: corrige una posible pérdida de memoria en sun3_82586_send_packet(). sun3_82586_send_packet() devuelve NETDEV_TX_OK sin liberar skb en caso de que skb->len sea demasiado largo, agrega dev_kfree_skb() para solucionarlo.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-10-21 CVE Reserved
2024-11-07 CVE Published
2024-11-14 EPSS Updated
2024-11-19 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source
https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/137010d26dc5cd47cd62fef77cbe952d31951b7a	2024-11-08
https://git.kernel.org/stable/c/8d5b20fbc548650019afa96822b6a33ea4ec8aa5	2024-11-08
https://git.kernel.org/stable/c/db755e55349045375c5c7036e8650afb3ff419d8	2024-11-08
https://git.kernel.org/stable/c/9c6ce55e6f0bd1541f112833006b4052614c7d94	2024-11-01
https://git.kernel.org/stable/c/1a17a4ac2d57102497fac53b53c666dba6a0c20d	2024-11-01
https://git.kernel.org/stable/c/6dc937a3086e344f965ca5c459f8f3eb6b68d890	2024-11-01
https://git.kernel.org/stable/c/84f2bac74000dbb7a177d9b98a17031ec8d07ec5	2024-11-01
https://git.kernel.org/stable/c/2cb3f56e827abb22c4168ad0c1bbbf401bb2f3b8	2024-10-19

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 4.19.323 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 4.19.323"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 5.4.285 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 5.4.285"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 5.10.229 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 5.10.229"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 5.15.170 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 5.15.170"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 6.1.115 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 6.1.115"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 6.6.59 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 6.6.59"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 6.11.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 6.11.6"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 6.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 6.12"		en		Affected