5.5

CVE-2024-35838

wifi: mac80211: fix potential sta-link leak

In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211: fix potential sta-link leak

When a station is allocated, links are added but not
set to valid yet (e.g. during connection to an AP MLD),
we might remove the station without ever marking links
valid, and leak them. Fix that.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.0 < 6.1.76
LinuxLinux Kernel Version >= 6.2 < 6.6.15
LinuxLinux Kernel Version >= 6.7 < 6.7.3
LinuxLinux Kernel Version6.8 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.22% 0.121
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/49aaeb8c539b1633b3bd7c2df131ec578aa1eae1
Patch
https://git.kernel.org/stable/c/587c5892976108674bbe61a8ff659de279318034
Patch
https://git.kernel.org/stable/c/b01a74b3ca6fd51b62c67733ba7c3280fa6c5d26
Patch
https://git.kernel.org/stable/c/e04bf59bdba0fa45d52160be676114e16be855a9
Patch