We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-56602

net: ieee802154: do not leave a dangling sk pointer in ieee802154_create()



Description

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() sock_init_data() attaches the allocated sk object to the provided sock object. If ieee802154_create() fails later, the allocated sk object is freed, but the dangling pointer remains in the provided sock object, which may allow use-after-free. Clear the sk pointer in the sock object on error.

Reserved 2024-12-27 | Published 2024-12-27 | Updated 2025-01-20 | Assigner Linux

Product status

Default status
unaffected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 1d5fe782c0ff068d80933f9cfd0fd39d5434bbc9
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 14959fd7538b3be6d7617d9e60e404d6a8d4fd1f
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 2b46994a6e76c8cc5556772932b9b60d03a55cd8
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before e8bd6c5f5dc2234b4ea714380aedeea12a781754
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before b4982fbf13042e3bb33e04eddfea8b1506b5ea65
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 03caa9bfb9fde97fb53d33decd7364514e6825cb
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before b4fcd63f6ef79c73cafae8cf4a114def5fc3d80d
affected

Default status
affected

5.4.287
unaffected

5.10.231
unaffected

5.15.174
unaffected

6.1.120
unaffected

6.6.66
unaffected

6.12.5
unaffected

6.13
unaffected

References

git.kernel.org/...c/1d5fe782c0ff068d80933f9cfd0fd39d5434bbc9

git.kernel.org/...c/14959fd7538b3be6d7617d9e60e404d6a8d4fd1f

git.kernel.org/...c/2b46994a6e76c8cc5556772932b9b60d03a55cd8

git.kernel.org/...c/e8bd6c5f5dc2234b4ea714380aedeea12a781754

git.kernel.org/...c/b4982fbf13042e3bb33e04eddfea8b1506b5ea65

git.kernel.org/...c/03caa9bfb9fde97fb53d33decd7364514e6825cb

git.kernel.org/...c/b4fcd63f6ef79c73cafae8cf4a114def5fc3d80d

cve.org (CVE-2024-56602)

nvd.nist.gov (CVE-2024-56602)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-56602

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.