In the Linux kernel, the following vulnerability has been resolved:
ipv6: sr: fix missing sk_buff release in seg6_input_core
The seg6_input() function is responsible for adding the SRH into a
packet, delegating the operation to the seg6_input_core(). This function
uses the skb_cow_head() to ensure that there is sufficient headroom in
the sk_buff for accommodating the link-layer header.
In the event that the skb_cow_header() function fails, the
seg6_input_core() catches the error but it does not release the sk_buff,
which will result in a memory leak.
This issue was introduced in commit af3b5158b89d ("ipv6: sr: fix BUG due
to headroom too small after SRH push") and persists even after commit
7a3f5b0de364 ("netfilter: add netfilter hooks to SRv6 data plane"),
where the entire seg6_input() code was refactored to deal with netfilter
hooks.
The proposed patch addresses the identified memory leak by requiring the
seg6_input_core() function to release the sk_buff in the event that
skb_cow_head() fails.
Metrics
Affected Vendors & Products
References
History
Mon, 25 Nov 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-401 | |
Metrics |
cvssV3_1
|
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-07-10T07:14:09.667Z
Updated: 2024-12-19T09:07:11.763Z
Reserved: 2024-06-25T14:23:23.747Z
Link: CVE-2024-39490
Vulnrichment
Updated: 2024-08-02T04:26:15.676Z
NVD
Status : Awaiting Analysis
Published: 2024-07-10T08:15:11.203
Modified: 2024-11-25T20:15:06.600
Link: CVE-2024-39490
Redhat