CVE-2024-36954

Published May 30, 2024

Last updated a month ago

CVSS medium 5.5

Overview

Description: In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipc_buf_append __skb_linearize() doesn't free the skb when it fails, so move '*buf = NULL' after __skb_linearize(), so that the skb can be freed on the err path.
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-401

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1B511FF-B35C-4F12-BC59-FC0C59B5ED9B",
            "versionEndExcluding": "4.5",
            "versionStartIncluding": "4.4.271"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F201161-7061-4D21-AB64-08FE904827C3",
            "versionEndExcluding": "4.10",
            "versionStartIncluding": "4.9.271"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B377D18-E1AC-4086-BD80-E5A6E29501C2",
            "versionEndExcluding": "4.15",
            "versionStartIncluding": "4.14.235"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC3FE8F6-AF63-41C0-BCD1-8A6DF9BB8B9E",
            "versionEndExcluding": "4.19.314",
            "versionStartIncluding": "4.19.193"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C2251C5-3675-475C-A6CF-65DCB7DF9763",
            "versionEndExcluding": "5.4.276",
            "versionStartIncluding": "5.4.124"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A43FC5E3-31B4-40D2-A5F9-DCE255ACC316",
            "versionEndExcluding": "5.10.217",
            "versionStartIncluding": "5.10.42"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73FC57AB-D423-4492-B328-1585612B34E6",
            "versionEndExcluding": "5.15.159",
            "versionStartIncluding": "5.12.9"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F8C886C-75AA-469B-A6A9-12BF1A29C0D5",
            "versionEndExcluding": "6.1.91",
            "versionStartIncluding": "5.16"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDDB1F69-36AC-41C1-9192-E7CCEF5FFC00",
            "versionEndExcluding": "6.6.31",
            "versionStartIncluding": "6.2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A6B920C-8D8F-4130-86B4-AD334F4CF2E3",
            "versionEndExcluding": "6.8.10",
            "versionStartIncluding": "6.7"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F850DCEC-E08B-4317-A33B-D2DCF39F601B"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91326417-E981-482E-A5A3-28BC1327521B"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References