cve-2024-44985
Vulnerability from cvelistv5
Published
2024-09-04 19:54
Modified
2025-01-09 15:35
Severity ?
EPSS score ?
Summary
ipv6: prevent possible UAF in ip6_xmit()
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-44985",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T01:05:42.699758Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T01:07:00.575Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/ipv6/ip6_output.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b3a3d5333c13a1be57499581eab4a8fc94d57f36",
"status": "affected",
"version": "81d626b00bdba16504eeae9cc891b18e83a9471a",
"versionType": "git"
},
{
"lessThan": "c47e022011719fc5727bca661d662303180535ba",
"status": "affected",
"version": "ee6b1db17f8287b615448488fc37f42bcfe9ece6",
"versionType": "git"
},
{
"lessThan": "975f764e96f71616b530e300c1bb2ac0ce0c2596",
"status": "affected",
"version": "0c9f227bee11910a49e1d159abe102d06e3745d5",
"versionType": "git"
},
{
"lessThan": "38a21c026ed2cc7232414cb166efc1923f34af17",
"status": "affected",
"version": "0c9f227bee11910a49e1d159abe102d06e3745d5",
"versionType": "git"
},
{
"lessThan": "124b428fe28064c809e4237b0b38e97200a8a4a8",
"status": "affected",
"version": "0c9f227bee11910a49e1d159abe102d06e3745d5",
"versionType": "git"
},
{
"lessThan": "fc88d6c1f2895a5775795d82ec581afdff7661d1",
"status": "affected",
"version": "0c9f227bee11910a49e1d159abe102d06e3745d5",
"versionType": "git"
},
{
"lessThan": "2d5ff7e339d04622d8282661df36151906d0e1c7",
"status": "affected",
"version": "0c9f227bee11910a49e1d159abe102d06e3745d5",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/ipv6/ip6_output.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.15"
},
{
"lessThan": "5.15",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.166",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.107",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.48",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"version": "6.10.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.11",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent possible UAF in ip6_xmit()\n\nIf skb_expand_head() returns NULL, skb has been freed\nand the associated dst/idev could also have been freed.\n\nWe must use rcu_read_lock() to prevent a possible UAF."
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T15:35:26.143Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b3a3d5333c13a1be57499581eab4a8fc94d57f36"
},
{
"url": "https://git.kernel.org/stable/c/c47e022011719fc5727bca661d662303180535ba"
},
{
"url": "https://git.kernel.org/stable/c/975f764e96f71616b530e300c1bb2ac0ce0c2596"
},
{
"url": "https://git.kernel.org/stable/c/38a21c026ed2cc7232414cb166efc1923f34af17"
},
{
"url": "https://git.kernel.org/stable/c/124b428fe28064c809e4237b0b38e97200a8a4a8"
},
{
"url": "https://git.kernel.org/stable/c/fc88d6c1f2895a5775795d82ec581afdff7661d1"
},
{
"url": "https://git.kernel.org/stable/c/2d5ff7e339d04622d8282661df36151906d0e1c7"
}
],
"title": "ipv6: prevent possible UAF in ip6_xmit()",
"x_generator": {
"engine": "bippy-5f407fcff5a0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-44985",
"datePublished": "2024-09-04T19:54:34.188Z",
"dateReserved": "2024-08-21T05:34:56.670Z",
"dateUpdated": "2025-01-09T15:35:26.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-44985\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-09-04T20:15:07.777\",\"lastModified\":\"2025-01-09T16:15:38.177\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nipv6: prevent possible UAF in ip6_xmit()\\n\\nIf skb_expand_head() returns NULL, skb has been freed\\nand the associated dst/idev could also have been freed.\\n\\nWe must use rcu_read_lock() to prevent a possible UAF.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: ipv6: evitar posible UAF en ip6_xmit() Si skb_expand_head() devuelve NULL, skb se ha liberado y el dst/idev asociado tambi\u00e9n podr\u00eda haberse liberado. Debemos utilizar rcu_read_lock() para evitar un posible UAF.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.15\",\"versionEndExcluding\":\"5.15.166\",\"matchCriteriaId\":\"1E86C365-0589-4961-B85C-B76395A12CC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.107\",\"matchCriteriaId\":\"53954FF8-CB48-4302-BC4C-9DA7A88F44A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.48\",\"matchCriteriaId\":\"9DE9201A-CE6B-4726-BABB-8265EA0F8AE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.10.7\",\"matchCriteriaId\":\"D2AFDFD1-D95A-4EB7-843B-5E7659518B67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B3CE743-2126-47A3-8B7C-822B502CF119\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DEB27E7-30AA-45CC-8934-B89263EF3551\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0005AEF-856E-47EB-BFE4-90C46899394D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"39889A68-6D34-47A6-82FC-CD0BF23D6754\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/124b428fe28064c809e4237b0b38e97200a8a4a8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/2d5ff7e339d04622d8282661df36151906d0e1c7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/38a21c026ed2cc7232414cb166efc1923f34af17\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/975f764e96f71616b530e300c1bb2ac0ce0c2596\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b3a3d5333c13a1be57499581eab4a8fc94d57f36\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c47e022011719fc5727bca661d662303180535ba\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/fc88d6c1f2895a5775795d82ec581afdff7661d1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.