{ "id": "CVE-2024-27388", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-01T13:15:51.550", "lastModified": "2025-01-14T14:56:08.617", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix some memleaks in gssx_dec_option_array\n\nThe creds and oa->data need to be freed in the error-handling paths after\ntheir allocation. So this patch add these deallocations in the\ncorresponding paths." }, { "lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: SUNRPC: corrige algunas fugas de mem en gssx_dec_option_array Los creds y oa->data deben liberarse en las rutas de manejo de errores despu\u00e9s de su asignaci\u00f3n. Entonces este parche agrega estas desasignaciones en las rutas correspondientes." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 3.6 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-401" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.10", "versionEndExcluding": "4.19.311", "matchCriteriaId": "AA8D2CD8-65D2-47A7-9391-35AFA94D8CCC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.20", "versionEndExcluding": "5.4.273", "matchCriteriaId": "620FD8B7-BF03-43E0-951A-0A58461D4C55" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.5", "versionEndExcluding": "5.10.214", "matchCriteriaId": "65987874-467B-4D3B-91D6-68A129B34FB8" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.11", "versionEndExcluding": "5.15.153", "matchCriteriaId": "ACB69438-845D-4E3C-B114-3140611F9C0B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.16", "versionEndExcluding": "6.1.83", "matchCriteriaId": "121A07F6-F505-4C47-86BF-9BB6CC7B6C19" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.6.23", "matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7", "versionEndExcluding": "6.7.11", "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.8.2", "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" } ] } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/3cfcfc102a5e57b021b786a755a38935e357797d", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/5e6013ae2c8d420faea553d363935f65badd32c3", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/934212a623cbab851848b6de377eb476718c3e4c", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/9806c2393cd2ab0a8e7bb9ffae02ce20e3112ec4", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/996997d1fb2126feda550d6adcedcbd94911fc69", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/b97c37978ca825557d331c9012e0c1ddc0e42364", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/bb336cd8d5ecb69c430ebe3e7bcff68471d93fa8", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/bfa9d86d39a0fe4685f90c3529aa9bd62a9d97a8", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/dd292e884c649f9b1c18af0ec75ca90b390cd044", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/3cfcfc102a5e57b021b786a755a38935e357797d", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/5e6013ae2c8d420faea553d363935f65badd32c3", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/934212a623cbab851848b6de377eb476718c3e4c", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/9806c2393cd2ab0a8e7bb9ffae02ce20e3112ec4", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/996997d1fb2126feda550d6adcedcbd94911fc69", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/b97c37978ca825557d331c9012e0c1ddc0e42364", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/bb336cd8d5ecb69c430ebe3e7bcff68471d93fa8", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/bfa9d86d39a0fe4685f90c3529aa9bd62a9d97a8", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/dd292e884c649f9b1c18af0ec75ca90b390cd044", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ] } ] }