In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Fix memleak issue when GSO enabled Always map the `skb` to the LS descriptor. Previously skb was mapped to EXT descriptor when the number of fragments is zero with GSO enabled. Mapping the skb to EXT descriptor prevents it from being freed, leading to a memory leak
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: lan743x: Se solucionó el problema de fuga de memoria con GSO habilitado. Siempre se asigna `skb` al descriptor LS. Anteriormente, skb se asignaba al descriptor EXT cuando el número de fragmentos era cero con GSO habilitado. Asignar skb al descriptor EXT impide su liberación, lo que provoca una fuga de memoria.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
| Attack Vector | LOCAL |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | HIGH |
| Source | Type | Description |
|---|---|---|
| [email protected] | Primary |
en
CWE-401
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bcc9b1800> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bfc131c40> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bfc552340> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bcc9b2280> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bcc9b1f00> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702bcc9b2240> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x702b70376fc0> | Operating System |
| linux | linux_kernel | 6.15 | <built-in method update of dict object at 0x702bcc9b3f80> | Operating System |
| linux | linux_kernel | 6.15 | <built-in method update of dict object at 0x702bcc9b10c0> | Operating System |
| linux | linux_kernel | 6.15 | <built-in method update of dict object at 0x702bcc9b3580> | Operating System |
| linux | linux_kernel | 6.15 | <built-in method update of dict object at 0x702bcc9b34c0> | Operating System |
| debian | debian_linux | 11.0 | <built-in method update of dict object at 0x702bcc9b3a80> | Operating System |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.15:rc1:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.15:rc2:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.15:rc3:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.15:rc4:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |