SB2024071307 - Memory leak in Linux kernel mac80211
Published: July 13, 2024 Updated: May 13, 2025
Security Bulletin ID
SB2024071307
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2024-40942)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mesh_path_discard_frame() function in net/mac80211/mesh_pathtbl.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/377dbb220edc8421b7960691876c5b3bef62f89b
- https://git.kernel.org/stable/c/ec79670eae430b3ffb7e0a6417ad7657728b8f95
- https://git.kernel.org/stable/c/7518e20a189f8659b8b83969db4d33a4068fcfc3
- https://git.kernel.org/stable/c/c4c865f971fd4a255208f57ef04d814c2ae9e0dc
- https://git.kernel.org/stable/c/617dadbfb2d3e152c5753e28356d189c9d6f33c0
- https://git.kernel.org/stable/c/63d5f89bb5664d60edbf8cf0df911aaae8ed96a4
- https://git.kernel.org/stable/c/d81e244af521de63ad2883e17571b789c39b6549
- https://git.kernel.org/stable/c/b7d7f11a291830fdf69d3301075dd0fb347ced84
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.317
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.221
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.162
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.279
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.95
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.35