CVE-2024-40942
- ULN >
- Oracle Linux CVE repository >
- CVE-2024-40942
CVE Details
| Release Date: | 2024-07-12 |
Description
In the Linux kernel, the following vulnerability has been resolved:\nwifi: mac80211: mesh: Fix leak of mesh_preq_queue objects\nThe hwmp code use objects of type mesh_preq_queue, added to a list in\nieee80211_if_mesh, to keep track of mpath we need to resolve. If the mpath\ngets deleted, ex mesh interface is removed, the entries in that list will\nnever get cleaned. Fix this by flushing all corresponding items of the\npreq_queue in mesh_path_flush_pending().\nThis should take care of KASAN reports like this:\nunreferenced object 0xffff00000668d800 (size 128):\ncomm 'kworker/u8:4', pid 67, jiffies 4295419552 (age 1836.444s)\nhex dump (first 32 bytes):\n00 1f 05 09 00 00 ff ff 00 d5 68 06 00 00 ff ff ..........h.....\n8e 97 ea eb 3e b8 01 00 00 00 00 00 00 00 00 00 ....>...........\nbacktrace:\n[<000000007302a0b6>] __kmem_cache_alloc_node+0x1e0/0x35c\n[<00000000049bd418>] kmalloc_trace+0x34/0x80\n[<0000000000d792bb>] mesh_queue_preq+0x44/0x2a8\n[<00000000c99c3696>] mesh_nexthop_resolve+0x198/0x19c\n[<00000000926bf598>] ieee80211_xmit+0x1d0/0x1f4\n[<00000000fc8c2284>] __ieee80211_subif_start_xmit+0x30c/0x764\n[<000000005926ee38>] ieee80211_subif_start_xmit+0x9c/0x7a4\n[<000000004c86e916>] dev_hard_start_xmit+0x174/0x440\n[<0000000023495647>] __dev_queue_xmit+0xe24/0x111c\n[<00000000cfe9ca78>] batadv_send_skb_packet+0x180/0x1e4\n[<000000007bacc5d5>] batadv_v_elp_periodic_work+0x2f4/0x508\n[<00000000adc3cd94>] process_one_work+0x4b8/0xa1c\n[<00000000b36425d1>] worker_thread+0x9c/0x634\n[<0000000005852dd5>] kthread+0x1bc/0x1c4\n[<000000005fccd770>] ret_from_fork+0x10/0x20\nunreferenced object 0xffff000009051f00 (size 128):\ncomm 'kworker/u8:4', pid 67, jiffies 4295419553 (age 1836.440s)\nhex dump (first 32 bytes):\n90 d6 92 0d 00 00 ff ff 00 d8 68 06 00 00 ff ff ..........h.....\n36 27 92 e4 02 e0 01 00 00 58 79 06 00 00 ff ff 6'.......Xy.....\nbacktrace:\n[<000000007302a0b6>] __kmem_cache_alloc_node+0x1e0/0x35c\n[<00000000049bd418>] kmalloc_trace+0x34/0x80\n[<0000000000d792bb>] mesh_queue_preq+0x44/0x2a8\n[<00000000c99c3696>] mesh_nexthop_resolve+0x198/0x19c\n[<00000000926bf598>] ieee80211_xmit+0x1d0/0x1f4\n[<00000000fc8c2284>] __ieee80211_subif_start_xmit+0x30c/0x764\n[<000000005926ee38>] ieee80211_subif_start_xmit+0x9c/0x7a4\n[<000000004c86e916>] dev_hard_start_xmit+0x174/0x440\n[<0000000023495647>] __dev_queue_xmit+0xe24/0x111c\n[<00000000cfe9ca78>] batadv_send_skb_packet+0x180/0x1e4\n[<000000007bacc5d5>] batadv_v_elp_periodic_work+0x2f4/0x508\n[<00000000adc3cd94>] process_one_work+0x4b8/0xa1c\n[<00000000b36425d1>] worker_thread+0x9c/0x634\n[<0000000005852dd5>] kthread+0x1bc/0x1c4\n[<000000005fccd770>] ret_from_fork+0x10/0x20
See more information about CVE-2024-40942 from MITRE CVE dictionary and NIST NVD
CVSS Scoring
NOTE: The following CVSS v3.1 metrics and score provided are preliminary and subject to review.
| Base Score: | 6.1 | CVSS Vector: | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L |
| Attack Vector: | Local network | Attack Complexity: | Low |
| Privileges Required: | Low | User Interaction: | None |
| Scope: | Unchanged | Confidentiality Impact: | High |
| Integrity Impact: | None | Availability Impact: | Low |
Errata information
| Platform | Errata | Release Date |
| Oracle Linux version 7 (kernel-uek) | ELSA-2024-12610 | 2024-09-10 |
| Oracle Linux version 7 (kernel-uek-container) | ELSA-2024-12612 | 2024-09-11 |
| Oracle Linux version 8 (kernel-uek) | ELSA-2024-12610 | 2024-09-10 |
| Oracle Linux version 8 (kernel-uek) | ELSA-2024-12618 | 2024-09-12 |
| Oracle Linux version 8 (kernel-uek-container) | ELSA-2024-12612 | 2024-09-11 |
| Oracle Linux version 9 (kernel-uek) | ELSA-2024-12618 | 2024-09-12 |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:
- Oracle customers - enter a support request
- Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process
