#VU102201 Improper error handling in Linux kernel - CVE-2024-56659
Published: December 30, 2024 / Updated: May 11, 2025
Vulnerability identifier: #VU102201
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-56659
CWE-ID: CWE-388
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the include/net/lapb.h. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
External links
- https://git.kernel.org/stable/c/03e661b5e7aa1124f24054df9ab2ee5cb2178973
- https://git.kernel.org/stable/c/2b351355bbd50ae25d096785b6eb31998d2bf765
- https://git.kernel.org/stable/c/3aa2ef7ffd0451e8f81c249d2a2a68283c6bc700
- https://git.kernel.org/stable/c/76d856f03d0290cf5392364ecdf74c15ee16b8fd
- https://git.kernel.org/stable/c/a6d75ecee2bf828ac6a1b52724aba0a977e4eaf4
- https://git.kernel.org/stable/c/c21c7c1c00bcc60cf752ec491bdfd47693f4d3c7
- https://git.kernel.org/stable/c/f0949199651bc87c5ed2c12a7323f441f1af6fe9
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.121