CVE-2024-26734 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: devlink: fix possible use-after-free and memory leaks in devlink_init() The pernet operations structure for the subsystem must be registered before registering the generic netlink family. Make an unregister in case of unsuccessful registration.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/919092bd5482b7070ae66d1daef73b600738f3a2
https://git.kernel.org/stable/c/def689fc26b9a9622d2e2cb0c4933dd3b1c8071c
https://git.kernel.org/stable/c/e91d3561e28d7665f4f837880501dc8755f635a9
https://lore.kernel.org/linux-cve-announce/2024040359-CVE-2024-26734-277b@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-26734
https://www.cve.org/CVERecord?id=CVE-2024-26734

History

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-04-03T17:00:21.162Z

Updated: 2024-11-05T09:14:45.609Z

Reserved: 2024-02-19T14:20:24.165Z

Link: CVE-2024-26734

Vulnrichment

Updated: 2024-08-02T00:14:13.249Z

NVD

Status : Awaiting Analysis

Published: 2024-04-03T17:15:51.100

Modified: 2024-04-03T17:24:18.150

Link: CVE-2024-26734

Redhat

Severity : Moderate

Publid Date: 2024-04-03T00:00:00Z

Links: CVE-2024-26734 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-26734", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.165Z", "datePublished": "2024-04-03T17:00:21.162Z", "dateUpdated": "2024-11-05T09:14:45.609Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:14:45.609Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndevlink: fix possible use-after-free and memory leaks in devlink_init()\n\nThe pernet operations structure for the subsystem must be registered\nbefore registering the generic netlink family.\n\nMake an unregister in case of unsuccessful registration."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/devlink/core.c"], "versions": [{"version": "687125b5799c", "lessThan": "919092bd5482", "status": "affected", "versionType": "git"}, {"version": "687125b5799c", "lessThan": "e91d3561e28d", "status": "affected", "versionType": "git"}, {"version": "687125b5799c", "lessThan": "def689fc26b9", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/devlink/core.c"], "versions": [{"version": "6.3", "status": "affected"}, {"version": "0", "lessThan": "6.3", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.19", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.7", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/919092bd5482b7070ae66d1daef73b600738f3a2"}, {"url": "https://git.kernel.org/stable/c/e91d3561e28d7665f4f837880501dc8755f635a9"}, {"url": "https://git.kernel.org/stable/c/def689fc26b9a9622d2e2cb0c4933dd3b1c8071c"}], "title": "devlink: fix possible use-after-free and memory leaks in devlink_init()", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:14:13.249Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/919092bd5482b7070ae66d1daef73b600738f3a2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e91d3561e28d7665f4f837880501dc8755f635a9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/def689fc26b9a9622d2e2cb0c4933dd3b1c8071c", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26734", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:51:57.238703Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:19.585Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/919092bd5482b7070ae66d1daef73b600738f3a2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e91d3561e28d7665f4f837880501dc8755f635a9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/def689fc26b9a9622d2e2cb0c4933dd3b1c8071c", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:14:13.249Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26734", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:51:57.238703Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:16.163Z"}}], "cna": {"title": "devlink: fix possible use-after-free and memory leaks in devlink_init()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "687125b5799c", "lessThan": "919092bd5482", "versionType": "git"}, {"status": "affected", "version": "687125b5799c", "lessThan": "e91d3561e28d", "versionType": "git"}, {"status": "affected", "version": "687125b5799c", "lessThan": "def689fc26b9", "versionType": "git"}], "programFiles": ["net/devlink/core.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.3"}, {"status": "unaffected", "version": "0", "lessThan": "6.3", "versionType": "semver"}, {"status": "unaffected", "version": "6.6.19", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.7", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/devlink/core.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/919092bd5482b7070ae66d1daef73b600738f3a2"}, {"url": "https://git.kernel.org/stable/c/e91d3561e28d7665f4f837880501dc8755f635a9"}, {"url": "https://git.kernel.org/stable/c/def689fc26b9a9622d2e2cb0c4933dd3b1c8071c"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndevlink: fix possible use-after-free and memory leaks in devlink_init()\n\nThe pernet operations structure for the subsystem must be registered\nbefore registering the generic netlink family.\n\nMake an unregister in case of unsuccessful registration."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:14:45.609Z"}}}, "cveMetadata": {"cveId": "CVE-2024-26734", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:14:45.609Z", "dateReserved": "2024-02-19T14:20:24.165Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-03T17:00:21.162Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"bugzilla": {"description": "kernel: devlink: fix possible use-after-free and memory leaks in devlink_init()", "id": "2273244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273244"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-416", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndevlink: fix possible use-after-free and memory leaks in devlink_init()\nThe pernet operations structure for the subsystem must be registered\nbefore registering the generic netlink family.\nMake an unregister in case of unsuccessful registration.", "A vulnerability was found in the devlink_init() function in the Linux kernel. Use-after-free and memory leak issues can occur due to an incorrect order of initialization and cleanup in case of errors. This issue could lead to memory corruption or crashes."], "name": "CVE-2024-26734", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Under investigation", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Under investigation", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-26734\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-26734\nhttps://lore.kernel.org/linux-cve-announce/2024040359-CVE-2024-26734-277b@gregkh/T"], "statement": "Red Hat Enterprise Linux 8 is not affected by this vulnerability.", "threat_severity": "Moderate", "upstream_fix": "kernel 6.6.19, kernel 6.7.7, kernel 6.8"}