#VU94207 Memory leak in Linux kernel - CVE-2024-40942
Published: July 13, 2024 / Updated: May 13, 2025
Vulnerability identifier: #VU94207
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-40942
CWE-ID: CWE-401
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mesh_path_discard_frame() function in net/mac80211/mesh_pathtbl.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
External links
- https://git.kernel.org/stable/c/377dbb220edc8421b7960691876c5b3bef62f89b
- https://git.kernel.org/stable/c/ec79670eae430b3ffb7e0a6417ad7657728b8f95
- https://git.kernel.org/stable/c/7518e20a189f8659b8b83969db4d33a4068fcfc3
- https://git.kernel.org/stable/c/c4c865f971fd4a255208f57ef04d814c2ae9e0dc
- https://git.kernel.org/stable/c/617dadbfb2d3e152c5753e28356d189c9d6f33c0
- https://git.kernel.org/stable/c/63d5f89bb5664d60edbf8cf0df911aaae8ed96a4
- https://git.kernel.org/stable/c/d81e244af521de63ad2883e17571b789c39b6549
- https://git.kernel.org/stable/c/b7d7f11a291830fdf69d3301075dd0fb347ced84
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.317
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.221
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.162
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.279
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.95
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.35