LinuxVULNRICHMENT:CVE-2024-39489CVE-2024-39489 ipv6: sr: fix memleak in seg6_hmac_init_algo
AI Score
Confidence
Low
EPSS
Percentile
5.0%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
In the Linux kernel, the following vulnerability has been resolved:
ipv6: sr: fix memleak in seg6_hmac_init_algo
seg6_hmac_init_algo returns without cleaning up the previous allocations
if one fails, so it’s going to leak all that memory and the crypto tfms.
Update seg6_hmac_exit to only free the memory when allocated, so we can
reuse the code directly.
CNA Affected
[
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "bf355b8d2c30",
"lessThan": "afd5730969ae",
"versionType": "git"
},
{
"status": "affected",
"version": "bf355b8d2c30",
"lessThan": "4a3fcf53725b",
"versionType": "git"
},
{
"status": "affected",
"version": "bf355b8d2c30",
"lessThan": "daf341e0a231",
"versionType": "git"
},
{
"status": "affected",
"version": "bf355b8d2c30",
"lessThan": "61d31ac85b45",
"versionType": "git"
},
{
"status": "affected",
"version": "bf355b8d2c30",
"lessThan": "599a56542150",
"versionType": "git"
},
{
"status": "affected",
"version": "bf355b8d2c30",
"lessThan": "0e44d6cbe8de",
"versionType": "git"
},
{
"status": "affected",
"version": "bf355b8d2c30",
"lessThan": "f6a99ef4e056",
"versionType": "git"
},
{
"status": "affected",
"version": "bf355b8d2c30",
"lessThan": "efb9f4f19f8e",
"versionType": "git"
}
],
"programFiles": [
"net/ipv6/seg6_hmac.c"
],
"defaultStatus": "unaffected"
},
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "4.10"
},
{
"status": "unaffected",
"version": "0",
"lessThan": "4.10",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom",
"lessThanOrEqual": "4.19.*"
},
{
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom",
"lessThanOrEqual": "5.4.*"
},
{
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom",
"lessThanOrEqual": "5.10.*"
},
{
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom",
"lessThanOrEqual": "5.15.*"
},
{
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom",
"lessThanOrEqual": "6.1.*"
},
{
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom",
"lessThanOrEqual": "6.6.*"
},
{
"status": "unaffected",
"version": "6.9.4",
"versionType": "custom",
"lessThanOrEqual": "6.9.*"
},
{
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix",
"lessThanOrEqual": "*"
}
],
"programFiles": [
"net/ipv6/seg6_hmac.c"
],
"defaultStatus": "affected"
}
]References
git.kernel.org/stable/c/0e44d6cbe8de983470c3d2f978649783384fdcb6
git.kernel.org/stable/c/4a3fcf53725b70010d1cf869a2ba549fed6b8fb3
git.kernel.org/stable/c/599a5654215092ac22bfc453f4fd3959c55ea821
git.kernel.org/stable/c/61d31ac85b4572d11f8071855c0ccb4f32d76c0c
git.kernel.org/stable/c/afd5730969aec960a2fee4e5ee839a6014643976
git.kernel.org/stable/c/daf341e0a2318b813427d5a78788c86f4a7f02be
git.kernel.org/stable/c/efb9f4f19f8e37fde43dfecebc80292d179f56c6
git.kernel.org/stable/c/f6a99ef4e056c20a138a95cc51332b2b96c8f383
Related
AI Score
Confidence
Low
EPSS
Percentile
5.0%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial