Lucene search
LinuxCVE-2024-40939HistoryJul 12, 2024 - 1:15 p.m.
CVE-2024-40939
2024-07-1213:15:16
Linux
web.nvd.nist.gov
34
linux kernel
net wwan iosm
vulnerability
region creation fail
ipc_devlink_create_region
delete process
tainted pointer
svace
In the Linux kernel, the following vulnerability has been resolved:
net: wwan: iosm: Fix tainted pointer delete is case of region creation fail
In case of region creation fail in ipc_devlink_create_region(), previously
created regions delete process starts from tainted pointer which actually
holds error code value.
Fix this bug by decreasing region index before delete.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Affected configurations
Node
linuxlinux_kernelRange5.16–6.1.95
ORlinuxlinux_kernelRange6.2.0–6.6.35
ORlinuxlinux_kernelRange6.7.0–6.9.6
ORlinuxlinux_kernelRange6.10.0≥
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/net/wwan/iosm/iosm_ipc_devlink.c"
],
"versions": [
{
"version": "4dcd183fbd67",
"lessThan": "fe394d59cdae",
"status": "affected",
"versionType": "git"
},
{
"version": "4dcd183fbd67",
"lessThan": "040d93848703",
"status": "affected",
"versionType": "git"
},
{
"version": "4dcd183fbd67",
"lessThan": "37a438704d19",
"status": "affected",
"versionType": "git"
},
{
"version": "4dcd183fbd67",
"lessThan": "b0c9a2643541",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/net/wwan/iosm/iosm_ipc_devlink.c"
],
"versions": [
{
"version": "5.16",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.16",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.95",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.35",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.6",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]Related
osv
osv
CVE-2024-40939
2024-07-12 13:15:00
linux - security update
2024-07-16 00:00:00
linux-azure vulnerabilities
2024-09-12 13:23:45
redhatcve
redhatcve
CVE-2024-40939
2024-07-16 16:26:05
debiancve
debiancve
CVE-2024-40939
2024-07-12 13:15:16
cvelist
cvelist
vulnrichment
vulnrichment
ubuntucve
ubuntucve
CVE-2024-40939
2024-07-12 00:00:00
nvd
nvd
CVE-2024-40939
2024-07-12 13:15:16
redhat
redhat
(RHSA-2024:5928) Important: kernel security update
2024-08-28 11:05:30
oraclelinux
oraclelinux
kernel security update
2024-08-28 00:00:00
nessus
nessus
RHEL 9 : kernel (RHSA-2024:5928)
2024-08-28 00:00:00
Oracle Linux 9 : kernel (ELSA-2024-5928)
2024-08-29 00:00:00
Debian dsa-5731 : affs-modules-6.1.0-21-4kc-malta-di - security update
2024-07-16 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5731-1)
2024-07-17 00:00:00
Ubuntu: Security Advisory (USN-6999-1)
2024-09-12 00:00:00
Ubuntu: Security Advisory (USN-7005-1)
2024-09-13 00:00:00