CVE-2024-27393

Source
https://cve.org/CVERecord?id=CVE-2024-27393
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-27393.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-27393
Published
2024-05-09T16:37:07.973Z
Modified
2026-03-23T05:08:47.049723568Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
xen-netfront: Add missing skb_mark_for_recycle
Details

In the Linux kernel, the following vulnerability has been resolved:

xen-netfront: Add missing skb_mark_for_recycle

Notice that skb_mark_for_recycle() is introduced later than fixes tag in commit 6a5bcd84e886 ("page_pool: Allow drivers to hint on SKB recycling").

It is believed that fixes tag were missing a call to page_pool_release_page() between v5.9 to v5.14, after which it should have used skb_mark_for_recycle(). Since v6.6 the call page_pool_release_page() was removed (in commit 535b9c61bdef ("net: page_pool: hide page_pool_release_page()")) and remaining callers converted (in commit 6bfef2ec0172 ("Merge branch 'net-page_pool-remove-page_pool_release_page'")).

This leak became visible in v6.8 via commit dba1b8a7ab68 ("mm/page_pool: catch page_pool memory leaks").

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/27xxx/CVE-2024-27393.json"
}
Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6c5aa6fc4defc2a0977a2c59e4710d50fa1e834c
Fixed
4143b9479caa29bb2380f3620dcbe16ea84eb3b1
Fixed
7c1250796b6c262b505a46192f4716b8c6a6a8c6
Fixed
27aa3e4b3088426b7e34584274ad45b5afaf7629
Fixed
c8b7b2f158d9d4fb89cd2f68244af154f7549bb4
Fixed
037965402a010898d34f4e35327d22c0a95cd51f

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-27393.json"