We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-56606

af_packet: avoid erroring out after sock_init_data() in packet_create()



Description

In the Linux kernel, the following vulnerability has been resolved: af_packet: avoid erroring out after sock_init_data() in packet_create() After sock_init_data() the allocated sk object is attached to the provided sock object. On error, packet_create() frees the sk object leaving the dangling pointer in the sock object on return. Some other code may try to use this pointer and cause use-after-free.

Reserved 2024-12-27 | Published 2024-12-27 | Updated 2025-01-20 | Assigner Linux

Product status

Default status
unaffected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 71b22837a5e55ac27d6a14b9cdf2326587405c4f
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 1dc1e1db927056cb323296e2294a855cd003dfe7
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 132e615bb1d7cdec2d3cfbdec2efa630e923fd21
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before a6cf750b737374454a4e03a5ed449a3eb0c96414
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 157f08db94123e2ba56877dd0ac88908b13a5dd0
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before fd09880b16d33aa5a7420578e01cd79148fa9829
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 46f2a11cb82b657fd15bab1c47821b635e03838b
affected

Default status
affected

5.4.287
unaffected

5.10.231
unaffected

5.15.174
unaffected

6.1.120
unaffected

6.6.66
unaffected

6.12.5
unaffected

6.13
unaffected

References

git.kernel.org/...c/71b22837a5e55ac27d6a14b9cdf2326587405c4f

git.kernel.org/...c/1dc1e1db927056cb323296e2294a855cd003dfe7

git.kernel.org/...c/132e615bb1d7cdec2d3cfbdec2efa630e923fd21

git.kernel.org/...c/a6cf750b737374454a4e03a5ed449a3eb0c96414

git.kernel.org/...c/157f08db94123e2ba56877dd0ac88908b13a5dd0

git.kernel.org/...c/fd09880b16d33aa5a7420578e01cd79148fa9829

git.kernel.org/...c/46f2a11cb82b657fd15bab1c47821b635e03838b

cve.org (CVE-2024-56606)

nvd.nist.gov (CVE-2024-56606)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-56606

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.