CVE-2024-38602
Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 19/06/2024
Last modified: 27/08/2024
Description
In the Linux kernel, the following vulnerability has been resolved:

ax25: Fix reference count leak issues of ax25_dev

ax25_addr_ax25dev() and ax25_dev_device_down() have a reference count leak issue with the object "ax25_dev".

Memory leak issue in ax25_addr_ax25dev():

The reference count of the object "ax25_dev" can be increased multiple times in ax25_addr_ax25dev(). This will cause a memory leak.

Memory leak issues in ax25_dev_device_down():

The reference count of ax25_dev is set to 1 in ax25_dev_device_up() and then the reference count is increased when ax25_dev is added to ax25_dev_list. As a result, the reference count of ax25_dev is 2. But when the device is shutting down, ax25_dev_device_down() drops the reference count once or twice depending on whether we goto unlock_put or not, which will cause a memory leak.

As for the issue of ax25_addr_ax25dev(), it is impossible for one pointer to be on a list twice. So add a break in ax25_addr_ax25dev(). As for the issue of ax25_dev_device_down(), increase the reference count of ax25_dev once in ax25_dev_device_up() and decrease the reference count of ax25_dev after it is removed from the ax25_dev_list.
Impact
Base Score 3.x: 5.50
Severity 3.x: MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.17 (including) | 6.1.93 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.33 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.8.12 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.9 (including) | 6.9.3 (excluding) |
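
For first-pass triage of a host inventory, the ranges in the table can be checked against `uname -r` style release strings. The following is an added example, not part of the advisory; the function names are assumptions, and distribution kernels may carry the fix as a backport under an older version string, so a match means the vendor changelog should be checked.

```python
import platform
import re

# Affected ranges copied from the table above: (first affected, first fixed).
AFFECTED = [
    ((5, 17, 0), (6, 1, 93)),
    ((6, 2, 0), (6, 6, 33)),
    ((6, 7, 0), (6, 8, 12)),
    ((6, 9, 0), (6, 9, 3)),
]


def parse_release(release):
    """Turn a `uname -r` style string into a (major, minor, patch) tuple.

    Distribution and pre-release suffixes ("-31-generic", "-rc1") are ignored,
    and a missing patch level is treated as 0.
    """
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return tuple(int(g or 0) for g in m.groups())


def first_fixed(release):
    """Return the fixed version of the matching range, or None if the
    release falls outside every affected range in the table."""
    version = parse_release(release)
    for start, fixed in AFFECTED:
        if start <= version < fixed:  # "including" start, "excluding" fixed
            return ".".join(map(str, fixed))
    return None


if __name__ == "__main__":
    # Constructed sample releases, plus the kernel this script runs on.
    for rel in ["5.16.20", "6.1.92", "6.8.0-31-generic", "6.9.3", platform.release()]:
        try:
            fixed = first_fixed(rel)
        except ValueError as exc:
            print(f"{rel}: skipped ({exc})")
            continue
        status = f"in affected range, fixed in {fixed}" if fixed else "outside listed ranges"
        print(f"{rel}: {status}")
```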
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/1ea02699c7557eeb35ccff2bd822de1b3e09d868
- https://git.kernel.org/stable/c/38eb01edfdaa1562fa00429be2e33f45383b1b3a
- https://git.kernel.org/stable/c/81d8240b0a243b3ddd8fa8aa172f1acc2f7cc8f3
- https://git.kernel.org/stable/c/ae467750a3765dd1092eb29f58247950a2f9b60c
- https://git.kernel.org/stable/c/b505e0319852b08a3a716b64620168eab21f4ced



