Lucene search
Xen ProjectXSA-457HistoryMay 07, 2024 - 5:11 p.m.
Linux/xen-netfront: Memory leak due to missing cleanup function
2024-05-0717:11:00
Xen Project
xenbits.xen.org
14
netfront
memory leak
cleanup function
guest crash
denial of service
xen pv
linux 5.9
ISSUE DESCRIPTION
In netfront, xennet_alloc_one_rx_buffer() failed to call the appropriate clean-up function, resulting in a memory leak.
IMPACT
A malicious guest userspace process can exhaust memory resources within the guest kernel, potentially leading to a guest crash (Denial of Service). It is not known whether it can be triggered remotely.
VULNERABLE SYSTEMS
Systems with guests running Linux 5.9 and later with Xen PV network devices are affected.
Related
ubuntucve
ubuntucve
CVE-2024-27393
2024-05-14 00:00:00
vulnrichment
vulnrichment
CVE-2024-27393 xen-netfront: Add missing skb_mark_for_recycle
2024-05-09 16:37:07
cve
cve
CVE-2024-27393
2024-05-14 15:12:26
redhatcve
redhatcve
CVE-2024-27393
2024-05-16 05:24:37
nvd
nvd
CVE-2024-27393
2024-05-14 15:12:26
cvelist
cvelist
CVE-2024-27393 xen-netfront: Add missing skb_mark_for_recycle
2024-05-09 16:37:07
debiancve
debiancve
CVE-2024-27393
2024-05-14 15:12:26
photon
photon
Important Photon OS Security Update - PHSA-2024-5.0-0274
2024-05-18 00:00:00
nessus
nessus
RHEL 9 : kernel (RHSA-2024:4108)
2024-06-26 00:00:00
RHEL 9 : kernel-rt (RHSA-2024:4106)
2024-06-26 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2135-1)
2024-06-22 00:00:00