cve/2024/CVE-2024-38602.md

### [CVE-2024-38602](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38602)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=418993bbaafb0cd48f904ba68eeda052d624c821%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.17%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5ea00fc60676c0eebfa8560ec461209d638bca9d%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=9af0fd5c4453a44c692be0cbb3724859b75d739b%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=d01ffb9eee4af165d83b08dd73ebdf9fe94a519b%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=e2b558fe507a1ed4c43db2b0057fc6e41f20a14c%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=ef0a2a0565727a48f2e36a2c461f8b1e3a61922d%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)

### Description

In the Linux kernel, the following vulnerability has been resolved:ax25: Fix reference count leak issues of ax25_devThe ax25_addr_ax25dev() and ax25_dev_device_down() exist a referencecount leak issue of the object "ax25_dev".Memory leak issue in ax25_addr_ax25dev():The reference count of the object "ax25_dev" can be increased multipletimes in ax25_addr_ax25dev(). This will cause a memory leak.Memory leak issues in ax25_dev_device_down():The reference count of ax25_dev is set to 1 in ax25_dev_device_up() andthen increase the reference count when ax25_dev is added to ax25_dev_list.As a result, the reference count of ax25_dev is 2. But when the device isshutting down. The ax25_dev_device_down() drops the reference count onceor twice depending on if we goto unlock_put or not, which will causememory leak.As for the issue of ax25_addr_ax25dev(), it is impossible for one pointerto be on a list twice. So add a break in ax25_addr_ax25dev(). As for theissue of ax25_dev_device_down(), increase the reference count of ax25_devonce in ax25_dev_device_up() and decrease the reference count of ax25_devafter it is removed from the ax25_dev_list.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`### [CVE-2024-38602](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38602)`
			`![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=418993bbaafb0cd48f904ba68eeda052d624c821%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=5.17%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=5ea00fc60676c0eebfa8560ec461209d638bca9d%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=9af0fd5c4453a44c692be0cbb3724859b75d739b%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=d01ffb9eee4af165d83b08dd73ebdf9fe94a519b%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=e2b558fe507a1ed4c43db2b0057fc6e41f20a14c%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=ef0a2a0565727a48f2e36a2c461f8b1e3a61922d%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)`

			`### Description`

			In the Linux kernel, the following vulnerability has been resolved:ax25: Fix reference count leak issues of ax25_devThe ax25_addr_ax25dev() and ax25_dev_device_down() exist a referencecount leak issue of the object "ax25_dev".Memory leak issue in ax25_addr_ax25dev():The reference count of the object "ax25_dev" can be increased multipletimes in ax25_addr_ax25dev(). This will cause a memory leak.Memory leak issues in ax25_dev_device_down():The reference count of ax25_dev is set to 1 in ax25_dev_device_up() andthen increase the reference count when ax25_dev is added to ax25_dev_list.As a result, the reference count of ax25_dev is 2. But when the device isshutting down. The ax25_dev_device_down() drops the reference count onceor twice depending on if we goto unlock_put or not, which will causememory leak.As for the issue of ax25_addr_ax25dev(), it is impossible for one pointerto be on a list twice. So add a break in ax25_addr_ax25dev(). As for theissue of ax25_dev_device_down(), increase the reference count of ax25_devonce in ax25_dev_device_up() and decrease the reference count of ax25_devafter it is removed from the ax25_dev_list.

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/fkie-cad/nvd-json-data-feeds`