5.5

CVE-2024-43861

net: usb: qmi_wwan: fix memory leak for not ip packets

In the Linux kernel, the following vulnerability has been resolved:

net: usb: qmi_wwan: fix memory leak for not ip packets

Free the unused skb when not ip packets arrive.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.12 < 4.19.320
LinuxLinux Kernel Version >= 4.20 < 5.4.282
LinuxLinux Kernel Version >= 5.5 < 5.10.224
LinuxLinux Kernel Version >= 5.11 < 5.15.165
LinuxLinux Kernel Version >= 5.16 < 6.1.105
LinuxLinux Kernel Version >= 6.2 < 6.6.46
LinuxLinux Kernel Version >= 6.7 < 6.10.5
LinuxLinux Kernel Version6.11 Updaterc1
LinuxLinux Kernel Version6.11 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.13
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/37c093449704017870604994ba9b813cdb9475a4
Patch
https://git.kernel.org/stable/c/3c90a69533b5bba73401ef884d033ea49ee99662
Patch
https://git.kernel.org/stable/c/7ab107544b777c3bd7feb9fe447367d8edd5b202
Patch
https://git.kernel.org/stable/c/c4251a3deccad852b27e60625f31fba6cc14372f
Patch
https://git.kernel.org/stable/c/c6c5b91424fafc0f83852d961c10c7e43a001882
Patch
https://git.kernel.org/stable/c/da518cc9b64df391795d9952aed551e0f782e446
Patch
https://git.kernel.org/stable/c/e87f52225e04a7001bf55bbd7a330fa4252327b5
Patch
https://git.kernel.org/stable/c/f2c353227de14b0289298ffc3ba92058c4768384
Patch
https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html