5.5

CVE-2024-35838

EPSS 0.02%
Published 17.05.2024 14:15:20
Last modified 19.09.2025 18:41:14
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

wifi: mac80211: fix potential sta-link leak

When a station is allocated, links are added but not
set to valid yet (e.g. during connection to an AP MLD),
we might remove the station without ever marking links
valid, and leak them. Fix that.

Affected products Warnungen 0 Metrics 2 CWE 1 References 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.0 < 6.1.76

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.15

Linux ≫ Linux Kernel Version >= 6.7 < 6.7.3

Linux ≫ Linux Kernel Version6.8 Updaterc1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.02

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

https://git.kernel.org/stable/c/49aaeb8c539b1633b3bd7c2df131ec578aa1eae1

Patch

https://git.kernel.org/stable/c/587c5892976108674bbe61a8ff659de279318034

Patch

https://git.kernel.org/stable/c/b01a74b3ca6fd51b62c67733ba7c3280fa6c5d26

Patch

https://git.kernel.org/stable/c/e04bf59bdba0fa45d52160be676114e16be855a9

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-35838

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-35838

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-35838

EUVD