In the Linux kernel, the following vulnerability has been resolved:
ipv6: sr: fix invalid unregister error path
The error path of seg6_init() is wrong in case CONFIG_IPV6_SEG6_LWTUNNEL
is not defined. In that case if seg6_hmac_init() fails, the
genl_unregister_family() isn't called.
This issue exist since commit 46738b1317e1 ("ipv6: sr: add option to control
lwtunnel support"), and commit 5559cea2d5aa ("ipv6: sr: fix possible
use-after-free and null-ptr-deref") replaced unregister_pernet_subsys()
with genl_unregister_family() in this error path.
References
Configurations
No configuration.
History
15 Jul 2024, 07:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
03 Jul 2024, 02:05
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-416 CWE-476 |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
27 Jun 2024, 13:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
20 Jun 2024, 12:43
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
19 Jun 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-19 14:15
Updated : 2024-07-15 07:15
NVD link : CVE-2024-38612
Mitre link : CVE-2024-38612
CVE.ORG link : CVE-2024-38612
JSON object : View
Products Affected
No product.