Linux Kernel TIPC: memleak fix in tipc_buf_append
CVE-2024-36954 Published on May 30, 2024
tipc: fix a possible memleak in tipc_buf_append
In the Linux kernel, the following vulnerability has been resolved:
tipc: fix a possible memleak in tipc_buf_append
__skb_linearize() doesn't free the skb when it fails, so move
'*buf = NULL' after __skb_linearize(), so that the skb can be
freed on the err path.
Products Associated with CVE-2024-36954
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2024-36954 are published in these products:
Affected Versions
Linux:- Version 4b1761898861117c97066aea6c58f68a7787f0bf and below 01cd1b7b685751ee422d00d050292a3d277652d6 is affected.
- Version 64d17ec9f1ded042c4b188d15734f33486ed9966 and below 2f87fd9476cf9725d774e6dcb7d17859c6a6d1ae is affected.
- Version 6da24cfc83ba4f97ea44fc7ae9999a006101755c and below adbce6d20da6254c86425a8d4359b221b5ccbccd is affected.
- Version b7df21cf1b79ab7026f545e7bf837bd5750ac026 and below 42c8471b0566c7539e7dd584b4d0ebd3cec8cb2c is affected.
- Version b7df21cf1b79ab7026f545e7bf837bd5750ac026 and below d03a82f4f8144befdc10518e732e2a60b34c870e is affected.
- Version b7df21cf1b79ab7026f545e7bf837bd5750ac026 and below 614c5a5ae45a921595952117b2e2bd4d4bf9b574 is affected.
- Version b7df21cf1b79ab7026f545e7bf837bd5750ac026 and below 3210d34fda4caff212cb53729e6bd46de604d565 is affected.
- Version b7df21cf1b79ab7026f545e7bf837bd5750ac026 and below 97bf6f81b29a8efaf5d0983251a7450e5794370d is affected.
- Version b2c8d28c34b3070407cb1741f9ba3f15d0284b8b is affected.
- Version 5489f30bb78ff0dafb4229a69632afc2ba20765c is affected.
- Version 436d650d374329a591c30339a91fa5078052ed1e is affected.
- Version ace300eecbccaa698e2b472843c74a5f33f7dce8 is affected.
- Version 5.13 is affected.
- Before 5.13 is unaffected.
- Version 4.19.314, <= 4.19.* is unaffected.
- Version 5.4.276, <= 5.4.* is unaffected.
- Version 5.10.217, <= 5.10.* is unaffected.
- Version 5.15.159, <= 5.15.* is unaffected.
- Version 6.1.91, <= 6.1.* is unaffected.
- Version 6.6.31, <= 6.6.* is unaffected.
- Version 6.8.10, <= 6.8.* is unaffected.
- Version 6.9, <= * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.