5.5
CVE-2024-27064
- EPSS 0.22%
- Veröffentlicht 01.05.2024 13:15:50
- Zuletzt bearbeitet 23.12.2024 14:17:03
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
netfilter: nf_tables: Fix a memory leak in nf_tables_updchain
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix a memory leak in nf_tables_updchain If nft_netdev_register_hooks() fails, the memory associated with nft_stats is not freed, causing a memory leak. This patch fixes it by moving nft_stats_alloc() down after nft_netdev_register_hooks() succeeds.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.3.3 < 6.4
Linux ≫ Linux Kernel Version >= 6.4 < 6.6.23
Linux ≫ Linux Kernel Version >= 6.7 < 6.7.11
Linux ≫ Linux Kernel Version >= 6.8 < 6.8.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.125 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/4e4623a4f6e133e671f65f9ac493bddaaf63e250
https://git.kernel.org/stable/c/79846fdcc548d617b0b321addc6a3821d3b75b20
https://git.kernel.org/stable/c/7eaf837a4eb5f74561e2486972e7f5184b613f6e
https://git.kernel.org/stable/c/e77a6b53a3a547b6dedfc40c37cee4f310701090