In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Add missing skb_mark_for_recycle Notice that skb_mark_for_recycle() is introduced later than fixes tag in commit 6a5bcd84e886 ("page_pool: Allow drivers to hint on SKB recycling"). It is believed that fixes tag were missing a call to page_pool_release_page() between v5.9 to v5.14, after which is should have used skb_mark_for_recycle(). Since v6.6 the call page_pool_release_page() were removed (in commit 535b9c61bdef ("net: page_pool: hide page_pool_release_page()") and remaining callers converted (in commit 6bfef2ec0172 ("Merge branch 'net-page_pool-remove-page_pool_release_page'")). This leak became visible in v6.8 via commit dba1b8a7ab68 ("mm/page_pool: catch page_pool memory leaks").
History

Fri, 22 Nov 2024 12:00:00 +0000


Tue, 05 Nov 2024 10:45:00 +0000


Mon, 04 Nov 2024 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 13 Aug 2024 23:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel E4s
CPEs cpe:/a:redhat:rhel_e4s:9.0
Vendors & Products Redhat rhel E4s

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-09T16:37:07.973Z

Updated: 2024-12-19T08:54:09.014Z

Reserved: 2024-02-25T13:47:42.677Z

Link: CVE-2024-27393

cve-icon Vulnrichment

Updated: 2024-08-02T00:34:52.268Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-05-14T15:12:26.993

Modified: 2024-11-21T09:04:31.160

Link: CVE-2024-27393

cve-icon Redhat

Severity : Low

Publid Date: 2024-05-08T00:00:00Z

Links: CVE-2024-27393 - Bugzilla