CVE-2024-27418
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-27418
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-27418.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-27418
- Related
- Published
- 2024-05-17T12:15:13Z
- Modified
- 2024-09-18T03:26:10.110801Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net: mctp: take ownership of skb in mctplocaloutput
Currently, mctplocaloutput only takes ownership of skb on success, and we may leak an skb if mctplocaloutput fails in specific states; the skb ownership isn't transferred until the actual output routing occurs.
Instead, make mctplocaloutput free the skb on all error paths up to the route action, so it always consumes the passed skb.
- References
-
- https://git.kernel.org/stable/c/3773d65ae5154ed7df404b050fd7387a36ab5ef3
- https://git.kernel.org/stable/c/a3c8fa54e904b0ddb52a08cc2d8ac239054f61fd
- https://git.kernel.org/stable/c/a639441c880ac479495e5ab37e3c29f21ae5771b
- https://git.kernel.org/stable/c/cbebc55ceacef1fc0651e80e0103cc184552fc68
- https://security-tracker.debian.org/tracker/CVE-2024-27418
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.1.82-1
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.7.9-1
Affected versions
6.*
6.1.27-1
6.1.37-1
6.1.38-1
6.1.38-2~bpo11+1
6.1.38-2
6.1.38-3
6.1.38-4~bpo11+1
6.1.38-4
6.1.52-1
6.1.55-1~bpo11+1
6.1.55-1
6.1.64-1
6.1.66-1
6.1.67-1
6.1.69-1~bpo11+1
6.1.69-1
6.1.76-1~bpo11+1
6.1.76-1
6.1.82-1
6.1.85-1
6.1.90-1~bpo11+1
6.1.90-1
6.1.94-1~bpo11+1
6.1.94-1
6.1.98-1
6.1.99-1
6.1.106-1
6.1.106-2
6.1.106-3
6.3.1-1~exp1
6.3.2-1~exp1
6.3.4-1~exp1
6.3.5-1~exp1
6.3.7-1~bpo12+1
6.3.7-1
6.3.11-1
6.4~rc6-1~exp1
6.4~rc7-1~exp1
6.4.1-1~exp1
6.4.4-1~bpo12+1
6.4.4-1
6.4.4-2
6.4.4-3~bpo12+1
6.4.4-3
6.4.11-1
6.4.13-1
6.5~rc4-1~exp1
6.5~rc6-1~exp1
6.5~rc7-1~exp1
6.5.1-1~exp1
6.5.3-1~bpo12+1
6.5.3-1
6.5.6-1
6.5.8-1
6.5.10-1~bpo12+1
6.5.10-1
6.5.13-1
6.6.3-1~exp1
6.6.4-1~exp1
6.6.7-1~exp1
6.6.8-1
6.6.9-1
6.6.11-1
6.6.13-1~bpo12+1
6.6.13-1
6.6.15-1
6.6.15-2
6.7-1~exp1
6.7.1-1~exp1
6.7.4-1~exp1
6.7.7-1