Описание
In the Linux kernel, the following vulnerability has been resolved:
ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()
It seems that if userspace provides a correct IFA_TARGET_NETNSID value
but no IFA_ADDRESS and IFA_LOCAL attributes, inet6_rtm_getaddr()
returns -EINVAL with an elevated "struct net" refcount.
A flaw was discovered in the Linux kernel's IPv6 implementation, specifically within the inet6_rtm_getaddr() function. The issue arises when user space provides a valid IFA_TARGET_NETNSID value but omits the IFA_ADDRESS and IFA_LOCAL attributes. In such cases, the function returns an -EINVAL error while inadvertently increasing the reference count of the struct net object, leading to a potential memory leak. This flaw has been addressed by ensuring that the reference count is properly managed, preventing unintended resource retention. Users are advised to update their Linux kernel to a version that includes this fix to maintain system stability and prevent resource leaks.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Out of support scope | ||
| Red Hat Enterprise Linux 7 | kernel | Out of support scope | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Out of support scope | ||
| Red Hat Enterprise Linux 8 | kernel | Under investigation | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Under investigation | ||
| Red Hat Enterprise Linux 9 | kernel-rt | Affected | ||
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2024:5363 | 15.08.2024 |
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2024:5363 | 15.08.2024 |
| Red Hat Enterprise Linux 9.2 Extended Update Support | kernel | Fixed | RHSA-2024:4823 | 24.07.2024 |
| Red Hat Enterprise Linux 9.2 Extended Update Support | kernel-rt | Fixed | RHSA-2024:4831 | 24.07.2024 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() It seems that if userspace provides a correct IFA_TARGET_NETNSID value but no IFA_ADDRESS and IFA_LOCAL attributes, inet6_rtm_getaddr() returns -EINVAL with an elevated "struct net" refcount.
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() It seems that if userspace provides a correct IFA_TARGET_NETNSID value but no IFA_ADDRESS and IFA_LOCAL attributes, inet6_rtm_getaddr() returns -EINVAL with an elevated "struct net" refcount.
In the Linux kernel, the following vulnerability has been resolved: i ...
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() It seems that if userspace provides a correct IFA_TARGET_NETNSID value but no IFA_ADDRESS and IFA_LOCAL attributes, inet6_rtm_getaddr() returns -EINVAL with an elevated "struct net" refcount.
Уязвимость компонента ipv6 ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальной информации
EPSS
5.5 Medium
CVSS3