| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024122703-CVE-2024-56601-2150@gregkh> Date: Fri, 27 Dec 2024 15:51:08 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() Description =========== In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock object retains the dangling pointer, which may create use-after-free later. Clear the sk pointer in the sock object on error. The Linux kernel CVE team has assigned CVE-2024-56601 to this issue. Affected and fixed versions =========================== Fixed in 5.4.287 with commit f8a3f255f7509a209292871715cda03779640c8d Fixed in 5.10.231 with commit 2bc34d8c8898ae9fddf4612501aabb22d76c2b2c Fixed in 5.15.174 with commit 3e8258070b0f2aba66b3ef18883de229674fb288 Fixed in 6.1.120 with commit b4513cfd3a10c03c660d5d3d26c2e322efbfdd9b Fixed in 6.6.66 with commit 25447c6aaa7235f155292b0c58a067347e8ae891 Fixed in 6.12.5 with commit 691d6d816f93b2a1008c14178399061466e674ef Fixed in 6.13-rc1 with commit 9365fa510c6f82e3aa550a09d0c5c6b44dbc78ff Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2024-56601 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: net/ipv4/af_inet.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/f8a3f255f7509a209292871715cda03779640c8d https://git.kernel.org/stable/c/2bc34d8c8898ae9fddf4612501aabb22d76c2b2c https://git.kernel.org/stable/c/3e8258070b0f2aba66b3ef18883de229674fb288 https://git.kernel.org/stable/c/b4513cfd3a10c03c660d5d3d26c2e322efbfdd9b https://git.kernel.org/stable/c/25447c6aaa7235f155292b0c58a067347e8ae891 https://git.kernel.org/stable/c/691d6d816f93b2a1008c14178399061466e674ef https://git.kernel.org/stable/c/9365fa510c6f82e3aa550a09d0c5c6b44dbc78ff
Powered by blists - more mailing lists