-

CVE-2024-27417

EPSS 0.04%
Veröffentlicht 17.05.2024 12:15:13
Zuletzt bearbeitet 21.11.2024 09:04:34
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()

It seems that if userspace provides a correct IFA_TARGET_NETNSID value
but no IFA_ADDRESS and IFA_LOCAL attributes, inet6_rtm_getaddr()
returns -EINVAL with an elevated "struct net" refcount.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 9d4ffb5b9d879a75e4f7460e8b10e756b4dfb132

Version 6ecf4c37eb3e89b0832c9616089a5cdca3747da7

Status affected

Version < 810fa7d5e5202fcfb22720304b755f1bdfd4c174

Version 6ecf4c37eb3e89b0832c9616089a5cdca3747da7

Status affected

Version < 8a54834c03c30e549c33d5da0975f3e1454ec906

Version 6ecf4c37eb3e89b0832c9616089a5cdca3747da7

Status affected

Version < 1b0998fdd85776775d975d0024bca227597e836a

Version 6ecf4c37eb3e89b0832c9616089a5cdca3747da7

Status affected

Version < 44112bc5c74e64f28f5a9127dc34066c7a09bd0f

Version 6ecf4c37eb3e89b0832c9616089a5cdca3747da7

Status affected

Version < 33a1b6bfef6def2068c8703403759024ce17053e

Version 6ecf4c37eb3e89b0832c9616089a5cdca3747da7

Status affected

Version < 10bfd453da64a057bcfd1a49fb6b271c48653cdb

Version 6ecf4c37eb3e89b0832c9616089a5cdca3747da7

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.20

Status affected

Version < 4.20

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.271

Status unaffected

Version <= 5.10.*

Version 5.10.212

Status unaffected

Version <= 5.15.*

Version 5.15.151

Status unaffected

Version <= 6.1.*

Version 6.1.81

Status unaffected

Version <= 6.6.*

Version 6.6.21

Status unaffected

Version <= 6.7.*

Version 6.7.9

Status unaffected

Version <= *

Version 6.8

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.119

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

https://git.kernel.org/stable/c/10bfd453da64a057bcfd1a49fb6b271c48653cdb

https://git.kernel.org/stable/c/1b0998fdd85776775d975d0024bca227597e836a

https://git.kernel.org/stable/c/33a1b6bfef6def2068c8703403759024ce17053e

https://git.kernel.org/stable/c/44112bc5c74e64f28f5a9127dc34066c7a09bd0f

https://git.kernel.org/stable/c/810fa7d5e5202fcfb22720304b755f1bdfd4c174

https://git.kernel.org/stable/c/8a54834c03c30e549c33d5da0975f3e1454ec906

https://git.kernel.org/stable/c/9d4ffb5b9d879a75e4f7460e8b10e756b4dfb132

https://nvd.nist.gov/vuln/detail/CVE-2024-27417

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-27417

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-27417

EUVD