SB2024091844 - Memory leak in Linux kernel can
Published: September 18, 2024 Updated: May 12, 2025
Security Bulletin ID
SB2024091844
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2024-46771)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bcm_notify() function in net/can/bcm.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/5c680022c4e28ba18ea500f3e29f0428271afa92
- https://git.kernel.org/stable/c/33ed4ba73caae39f34ab874ba79138badc2c65dd
- https://git.kernel.org/stable/c/aec92dbebdbec7567d9f56d7c9296a572b8fd849
- https://git.kernel.org/stable/c/10bfacbd5e8d821011d857bee73310457c9c989a
- https://git.kernel.org/stable/c/3b39dc2901aa7a679a5ca981a3de9f8d5658afe8
- https://git.kernel.org/stable/c/4377b79323df62eb5d310354f19b4d130ff58d50
- https://git.kernel.org/stable/c/abb0a615569ec008e8a93d9f3ab2d5b418ea94d4
- https://git.kernel.org/stable/c/76fe372ccb81b0c89b6cd2fec26e2f38c958be85
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.322
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.226
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.167
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.284
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.110
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10.10
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.11
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.51