CVE-2024-38602

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 19/06/2024
Last modified: 27/08/2024

Description

In the Linux kernel, the following vulnerability has been resolved:

ax25: Fix reference count leak issues of ax25_dev

The ax25_addr_ax25dev() and ax25_dev_device_down() exist a reference count leak issue of the object "ax25_dev".

Memory leak issue in ax25_addr_ax25dev():

The reference count of the object "ax25_dev" can be increased multiple times in ax25_addr_ax25dev(). This will cause a memory leak.

Memory leak issues in ax25_dev_device_down():

The reference count of ax25_dev is set to 1 in ax25_dev_device_up() and then increase the reference count when ax25_dev is added to ax25_dev_list. As a result, the reference count of ax25_dev is 2. But when the device is shutting down. The ax25_dev_device_down() drops the reference count once or twice depending on if we goto unlock_put or not, which will cause memory leak.

As for the issue of ax25_addr_ax25dev(), it is impossible for one pointer to be on a list twice. So add a break in ax25_addr_ax25dev(). As for the issue of ax25_dev_device_down(), increase the reference count of ax25_dev once in ax25_dev_device_up() and decrease the reference count of ax25_dev after it is removed from the ax25_dev_list.

Vulnerable products and versions

CPE                                             From              Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    5.17 (including)  6.1.93 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    6.2 (including)   6.6.33 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    6.7 (including)   6.8.12 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    6.9 (including)   6.9.3 (excluding)
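
A check of a kernel release string against the version ranges listed above, as an added example that is not part of the original advisory. The function names and sample release strings are assumptions made for illustration. Distribution kernels can carry backported fixes under an older version number, so a match on such a kernel needs confirming against the vendor's changelog.

```python
import re

# Affected ranges from the table above: (first affected, upper bound).
# The lower bound is inclusive, the upper bound is excluded.
AFFECTED_RANGES = [
    ((5, 17, 0), (6, 1, 93)),
    ((6, 2, 0), (6, 6, 33)),
    ((6, 7, 0), (6, 8, 12)),
    ((6, 9, 0), (6, 9, 3)),
]


def parse_release(release):
    """Turn a `uname -r` style string such as '6.1.90-generic' into (6, 1, 90)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if m is None:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    # A missing patch level ('6.9') is treated as 0.
    return tuple(int(part or 0) for part in m.groups())


def affected_range(release):
    """Return the (start, upper_bound) range containing the release, or None."""
    version = parse_release(release)
    for start, upper in AFFECTED_RANGES:
        if start <= version < upper:
            return start, upper
    return None


def report(release):
    """One-line verdict for a release string."""
    hit = affected_range(release)
    if hit is None:
        return f"{release}: outside the listed ranges"
    upper = ".".join(map(str, hit[1]))
    return f"{release}: inside a listed range, not affected from {upper} in that series"


if __name__ == "__main__":
    import platform
    # Constructed sample releases, followed by the running kernel.
    for rel in ["5.16.20", "6.1.92-generic", "6.1.93", "6.6.32", platform.release()]:
        try:
            print(report(rel))
        except ValueError as exc:
            print(exc)
```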