5.5

CVE-2024-56715

ionic: Fix netdev notifier unregister on failure

In the Linux kernel, the following vulnerability has been resolved:

ionic: Fix netdev notifier unregister on failure

If register_netdev() fails, then the driver leaks the netdev notifier.
Fix this by calling ionic_lif_unregister() on register_netdev()
failure. This will also call ionic_lif_unregister_phc() if it has
already been registered.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.10 < 5.15.176
LinuxLinux Kernel Version >= 5.16 < 6.1.122
LinuxLinux Kernel Version >= 6.2 < 6.6.68
LinuxLinux Kernel Version >= 6.7 < 6.12.7
LinuxLinux Kernel Version6.13 Updaterc1
LinuxLinux Kernel Version6.13 Updaterc2
LinuxLinux Kernel Version6.13 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.154
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/87847938f5708b2509b279369c96572254bcf2ba
Patch
https://git.kernel.org/stable/c/9590d32e090ea2751e131ae5273859ca22f5ac14
Patch
https://git.kernel.org/stable/c/da5736f516a664a9e1ff74902663c64c423045d2
Patch
https://git.kernel.org/stable/c/da93a12876f8b969df7316dc93aac7e725f88252
Patch
https://git.kernel.org/stable/c/ee2e931b2b46de9af7f681258e8ec8e2cd81cfc6
Patch
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html