THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Fathom (Privacy friendly web analytics)
Zendesk (Helpdesk and Chat)

Ok

Home | EN
Support
CVE
PUBLISHED

CVE-2024-39489

ipv6: sr: fix memleak in seg6_hmac_init_algo

AssignerLinux
Reserved2024-06-25
Published2024-07-10
Updated2024-07-15

Description

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix memleak in seg6_hmac_init_algo seg6_hmac_init_algo returns without cleaning up the previous allocations if one fails, so it's going to leak all that memory and the crypto tfms. Update seg6_hmac_exit to only free the memory when allocated, so we can reuse the code directly.

Product status

Default status
unaffected

bf355b8d2c30 before afd5730969ae
affected

bf355b8d2c30 before 4a3fcf53725b
affected

bf355b8d2c30 before daf341e0a231
affected

bf355b8d2c30 before 61d31ac85b45
affected

bf355b8d2c30 before 599a56542150
affected

bf355b8d2c30 before 0e44d6cbe8de
affected

bf355b8d2c30 before f6a99ef4e056
affected

bf355b8d2c30 before efb9f4f19f8e
affected

Default status
affected

4.10
affected

Any version before 4.10
unaffected

4.19.316
unaffected

5.4.278
unaffected

5.10.219
unaffected

5.15.161
unaffected

6.1.93
unaffected

6.6.33
unaffected

6.9.4
unaffected

6.10
unaffected

References

https://git.kernel.org/stable/c/afd5730969aec960a2fee4e5ee839a6014643976

https://git.kernel.org/stable/c/4a3fcf53725b70010d1cf869a2ba549fed6b8fb3

https://git.kernel.org/stable/c/daf341e0a2318b813427d5a78788c86f4a7f02be

https://git.kernel.org/stable/c/61d31ac85b4572d11f8071855c0ccb4f32d76c0c

https://git.kernel.org/stable/c/599a5654215092ac22bfc453f4fd3959c55ea821

https://git.kernel.org/stable/c/0e44d6cbe8de983470c3d2f978649783384fdcb6

https://git.kernel.org/stable/c/f6a99ef4e056c20a138a95cc51332b2b96c8f383

https://git.kernel.org/stable/c/efb9f4f19f8e37fde43dfecebc80292d179f56c6

cve.org CVE-2024-39489

nvd.nist.gov CVE-2024-39489

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-39489
© Copyright 2024 THREATINT. Made in Cyprus with +