5.5

CVE-2024-27064

netfilter: nf_tables: Fix a memory leak in nf_tables_updchain

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: Fix a memory leak in nf_tables_updchain

If nft_netdev_register_hooks() fails, the memory associated with
nft_stats is not freed, causing a memory leak.

This patch fixes it by moving nft_stats_alloc() down after
nft_netdev_register_hooks() succeeds.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.3.3 < 6.4
LinuxLinux Kernel Version >= 6.4 < 6.6.23
LinuxLinux Kernel Version >= 6.7 < 6.7.11
LinuxLinux Kernel Version >= 6.8 < 6.8.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.22% 0.125
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/4e4623a4f6e133e671f65f9ac493bddaaf63e250
Patch
https://git.kernel.org/stable/c/79846fdcc548d617b0b321addc6a3821d3b75b20
Patch
https://git.kernel.org/stable/c/7eaf837a4eb5f74561e2486972e7f5184b613f6e
Patch
https://git.kernel.org/stable/c/e77a6b53a3a547b6dedfc40c37cee4f310701090
Patch