LinuxCVE-2024-39489CVE-2024-39489
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low
EPSS
Percentile
5.0%
In the Linux kernel, the following vulnerability has been resolved:
ipv6: sr: fix memleak in seg6_hmac_init_algo
seg6_hmac_init_algo returns without cleaning up the previous allocations
if one fails, so it’s going to leak all that memory and the crypto tfms.
Update seg6_hmac_exit to only free the memory when allocated, so we can
reuse the code directly.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"net/ipv6/seg6_hmac.c"
],
"versions": [
{
"version": "bf355b8d2c30",
"lessThan": "afd5730969ae",
"status": "affected",
"versionType": "git"
},
{
"version": "bf355b8d2c30",
"lessThan": "4a3fcf53725b",
"status": "affected",
"versionType": "git"
},
{
"version": "bf355b8d2c30",
"lessThan": "daf341e0a231",
"status": "affected",
"versionType": "git"
},
{
"version": "bf355b8d2c30",
"lessThan": "61d31ac85b45",
"status": "affected",
"versionType": "git"
},
{
"version": "bf355b8d2c30",
"lessThan": "599a56542150",
"status": "affected",
"versionType": "git"
},
{
"version": "bf355b8d2c30",
"lessThan": "0e44d6cbe8de",
"status": "affected",
"versionType": "git"
},
{
"version": "bf355b8d2c30",
"lessThan": "f6a99ef4e056",
"status": "affected",
"versionType": "git"
},
{
"version": "bf355b8d2c30",
"lessThan": "efb9f4f19f8e",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"net/ipv6/seg6_hmac.c"
],
"versions": [
{
"version": "4.10",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.10",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.316",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.278",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.219",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.161",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.93",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.33",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.4",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]References
git.kernel.org/stable/c/0e44d6cbe8de983470c3d2f978649783384fdcb6
git.kernel.org/stable/c/4a3fcf53725b70010d1cf869a2ba549fed6b8fb3
git.kernel.org/stable/c/599a5654215092ac22bfc453f4fd3959c55ea821
git.kernel.org/stable/c/61d31ac85b4572d11f8071855c0ccb4f32d76c0c
git.kernel.org/stable/c/afd5730969aec960a2fee4e5ee839a6014643976
git.kernel.org/stable/c/daf341e0a2318b813427d5a78788c86f4a7f02be
git.kernel.org/stable/c/efb9f4f19f8e37fde43dfecebc80292d179f56c6
git.kernel.org/stable/c/f6a99ef4e056c20a138a95cc51332b2b96c8f383
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low
EPSS
Percentile
5.0%