Lucene search
LinuxCVELIST:CVE-2024-27417HistoryMay 17, 2024 - 11:51 a.m.
CVE-2024-27417 ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()
2024-05-1711:51:07
Linux
www.cve.org
linux kernel
fix
potential
ipv6
struct net
leak
inet6_rtm_getaddr
In the Linux kernel, the following vulnerability has been resolved:
ipv6: fix potential “struct net” leak in inet6_rtm_getaddr()
It seems that if userspace provides a correct IFA_TARGET_NETNSID value
but no IFA_ADDRESS and IFA_LOCAL attributes, inet6_rtm_getaddr()
returns -EINVAL with an elevated “struct net” refcount.
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"net/ipv6/addrconf.c"
],
"versions": [
{
"version": "6ecf4c37eb3e",
"lessThan": "9d4ffb5b9d87",
"status": "affected",
"versionType": "git"
},
{
"version": "6ecf4c37eb3e",
"lessThan": "810fa7d5e520",
"status": "affected",
"versionType": "git"
},
{
"version": "6ecf4c37eb3e",
"lessThan": "8a54834c03c3",
"status": "affected",
"versionType": "git"
},
{
"version": "6ecf4c37eb3e",
"lessThan": "1b0998fdd857",
"status": "affected",
"versionType": "git"
},
{
"version": "6ecf4c37eb3e",
"lessThan": "44112bc5c74e",
"status": "affected",
"versionType": "git"
},
{
"version": "6ecf4c37eb3e",
"lessThan": "33a1b6bfef6d",
"status": "affected",
"versionType": "git"
},
{
"version": "6ecf4c37eb3e",
"lessThan": "10bfd453da64",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"net/ipv6/addrconf.c"
],
"versions": [
{
"version": "4.20",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.20",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.271",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.212",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.151",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.81",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.21",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.9",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]References
git.kernel.org/stable/c/10bfd453da64a057bcfd1a49fb6b271c48653cdb
git.kernel.org/stable/c/1b0998fdd85776775d975d0024bca227597e836a
git.kernel.org/stable/c/33a1b6bfef6def2068c8703403759024ce17053e
git.kernel.org/stable/c/44112bc5c74e64f28f5a9127dc34066c7a09bd0f
git.kernel.org/stable/c/810fa7d5e5202fcfb22720304b755f1bdfd4c174
git.kernel.org/stable/c/8a54834c03c30e549c33d5da0975f3e1454ec906
git.kernel.org/stable/c/9d4ffb5b9d879a75e4f7460e8b10e756b4dfb132
Related
debiancve
debiancve
CVE-2024-27417
2024-05-17 12:15:13
nvd
nvd
CVE-2024-27417
2024-05-17 12:15:13
cve
cve
CVE-2024-27417
2024-05-17 12:15:13
redhatcve
redhatcve
CVE-2024-27417
2024-05-17 22:24:15
vulnrichment
vulnrichment
CVE-2024-27417 ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()
2024-05-17 11:51:07
ubuntucve
ubuntucve
CVE-2024-27417
2024-05-17 00:00:00
nessus
nessus
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-068)
2024-05-31 00:00:00
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-603)
2024-04-29 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-052)
2024-04-01 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6831-1)
2024-06-13 00:00:00
Ubuntu: Security Advisory (USN-6820-1)
2024-06-10 00:00:00
Ubuntu: Security Advisory (USN-6820-2)
2024-06-12 00:00:00
osv
osv
linux-gkeop, linux-gkeop-5.15, linux-kvm vulnerabilities
2024-06-10 17:13:01
linux-aws, linux-aws-5.15 vulnerabilities
2024-06-11 20:53:02
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-06-10 00:00:00