CVE-2024-46855
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
27/09/2024
Last modified:
03/11/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
netfilter: nft_socket: fix sk refcount leaks<br />
<br />
We must put &#39;sk&#39; reference before returning.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.3 (including) | 6.1.111 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.52 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.10.11 (excluding) |
| cpe:2.3:o:linux:linux_kernel:4.19.76:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:5.2.18:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.11:rc6:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.11:rc7:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/076d281e90aaf4192799ecb9a1ed82321e133ecd
- https://git.kernel.org/stable/c/1f68e097e20d3c695281a9c6433acc37be47fe11
- https://git.kernel.org/stable/c/33c2258bf8cb17fba9e58b111d4c4f4cf43a4896
- https://git.kernel.org/stable/c/6572440f78b724c46070841a68254ebc534cde24
- https://git.kernel.org/stable/c/83e6fb59040e8964888afcaa5612cc1243736715
- https://git.kernel.org/stable/c/8b26ff7af8c32cb4148b3e147c52f9e4c695209c
- https://git.kernel.org/stable/c/ddc7c423c4a5386bf865474c694b48178efd311a
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html