5.5
CVE-2024-43861
- EPSS 0.23%
- Veröffentlicht 20.08.2024 22:15:04
- Zuletzt bearbeitet 03.11.2025 22:18:13
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
net: usb: qmi_wwan: fix memory leak for not ip packets
In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.12 < 4.19.320
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.282
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.224
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.165
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.105
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.46
Linux ≫ Linux Kernel Version >= 6.7 < 6.10.5
Linux ≫ Linux Kernel Version6.11 Updaterc1
Linux ≫ Linux Kernel Version6.11 Updaterc2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.13 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/37c093449704017870604994ba9b813cdb9475a4
https://git.kernel.org/stable/c/3c90a69533b5bba73401ef884d033ea49ee99662
https://git.kernel.org/stable/c/7ab107544b777c3bd7feb9fe447367d8edd5b202
https://git.kernel.org/stable/c/c4251a3deccad852b27e60625f31fba6cc14372f
https://git.kernel.org/stable/c/c6c5b91424fafc0f83852d961c10c7e43a001882
https://git.kernel.org/stable/c/da518cc9b64df391795d9952aed551e0f782e446
https://git.kernel.org/stable/c/e87f52225e04a7001bf55bbd7a330fa4252327b5
https://git.kernel.org/stable/c/f2c353227de14b0289298ffc3ba92058c4768384
https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html