CVE-2024-53210

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-53210
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-53210.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-53210
Downstream
Related
Published
2024-12-27T14:15:28Z
Modified
2025-10-01T20:17:20Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

s390/iucv: MSGPEEK causes memory leak in iucvsock_destruct()

Passing MSGPEEK flag to skbrecvdatagram() increments skb refcount (skb->users) and iucvsockrecvmsg() does not decrement skb refcount at exit. This results in skb memory leak in skbqueuepurge() and WARNON in iucvsockdestruct() during socket close. To fix this decrease skb refcount by one if MSGPEEK is set in order to prevent memory leak and WARNON.

WARNING: CPU: 2 PID: 6292 at net/iucv/afiucv.c:286 iucvsockdestruct+0x144/0x1a0 [afiucv] CPU: 2 PID: 6292 Comm: afiucvtestmsg Kdump: loaded Tainted: G W 6.10.0-rc7 #1 Hardware name: IBM 3931 A01 704 (z/VM 7.3.0) Call Trace: [<001587c682c4aa98>] iucvsockdestruct+0x148/0x1a0 [afiucv] [<001587c682c4a9d0>] iucvsockdestruct+0x80/0x1a0 [afiucv] [<001587c704117a32>] _skdestruct+0x52/0x550 [<001587c704104a54>] _sockrelease+0xa4/0x230 [<001587c704104c0c>] sockclose+0x2c/0x40 [<001587c702c5f5a8>] _fput+0x2e8/0x970 [<001587c7024148c4>] taskworkrun+0x1c4/0x2c0 [<001587c7023b0716>] doexit+0x996/0x1050 [<001587c7023b13aa>] dogroupexit+0x13a/0x360 [<001587c7023b1626>] _s390xsysexitgroup+0x56/0x60 [<001587c7022bccca>] dosyscall+0x27a/0x380 [<001587c7049a6a0c>] _dosyscall+0x9c/0x160 [<001587c7049ce8a8>] systemcall+0x70/0x98 Last Breaking-Event-Address: [<001587c682c4a9d4>] iucvsockdestruct+0x84/0x1a0 [afiucv]

References

Affected packages