admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-394xx/CVE-2024-39490.json
cad-safe-bot c91693dc4a Auto-Update: 2024-07-21T02:00:18.731812+00:00
2024-07-21 02:03:14 +00:00

41 lines
3.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-39490",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-10T08:15:11.203",
"lastModified": "2024-07-11T13:05:54.930",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: fix missing sk_buff release in seg6_input_core\n\nThe seg6_input() function is responsible for adding the SRH into a\npacket, delegating the operation to the seg6_input_core(). This function\nuses the skb_cow_head() to ensure that there is sufficient headroom in\nthe sk_buff for accommodating the link-layer header.\nIn the event that the skb_cow_header() function fails, the\nseg6_input_core() catches the error but it does not release the sk_buff,\nwhich will result in a memory leak.\n\nThis issue was introduced in commit af3b5158b89d (\"ipv6: sr: fix BUG due\nto headroom too small after SRH push\") and persists even after commit\n7a3f5b0de364 (\"netfilter: add netfilter hooks to SRv6 data plane\"),\nwhere the entire seg6_input() code was refactored to deal with netfilter\nhooks.\n\nThe proposed patch addresses the identified memory leak by requiring the\nseg6_input_core() function to release the sk_buff in the event that\nskb_cow_head() fails."
},
{
"lang": "es",
"value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: ipv6: sr: corrige la versi\u00f3n faltante de sk_buff en seg6_input_core La funci\u00f3n seg6_input() es responsable de agregar el SRH a un paquete, delegando la operaci\u00f3n al seg6_input_core(). Esta funci\u00f3n utiliza skb_cow_head() para garantizar que haya suficiente espacio libre en sk_buff para acomodar el encabezado de la capa de enlace. En caso de que la funci\u00f3n skb_cow_header() falle, seg6_input_core() detecta el error pero no libera sk_buff, lo que provocar\u00e1 una p\u00e9rdida de memoria. Este problema se introdujo en el commit af3b5158b89d (\"ipv6: sr: corrige el ERROR debido a un espacio libre demasiado peque\u00f1o despu\u00e9s de la inserci\u00f3n de SRH\") y persiste incluso despu\u00e9s de el commit 7a3f5b0de364 (\"netfilter: agregue enlaces de netfilter al plano de datos SRv6\"), donde todo el seg6_input( ) el c\u00f3digo fue refactorizado para lidiar con los ganchos de netfilter. El parche propuesto aborda la p\u00e9rdida de memoria identificada al requerir que la funci\u00f3n seg6_input_core() libere sk_buff en caso de que skb_cow_head() falle."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/5447f9708d9e4c17a647b16a9cb29e9e02820bd9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8f1fc3b86eaea70be6abcae2e9aa7e7b99453864",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e8688218e38111ace457509d8f0cad75f79c1a7a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f4df8c7670a73752201cbde215254598efdf6ce8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f5fec1588642e415a3d72e02140160661b303940",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}
Reference in New Issue View Git Blame Copy Permalink