CVE-2024-38554

There is a reference count leak issue of the object "netdevice" in ax25devdevicedown(). When the ax25 device is shutting down, the ax25devdevicedown() drops the reference count of netdevice one or zero times depending on if we goto unlock_put or not, which will cause memory leak.

In order to solve the above issue, decrease the reference count of netdevice after dev->ax25ptr is set to null.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38554.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

d01ffb9eee4af165d83b08dd73ebdf9fe94a519b

Fixed

3ec437f9bbae68e9b38115c4c91de995f73f6bad

Fixed

965d940fb7414b310a22666503d2af69459c981b

Fixed

8bad3a20a27be8d935f2aae08d3c6e743754944a

Fixed

eef95df9b752699bddecefa851f64858247246e9

Fixed

36e56b1b002bb26440403053f19f9e1a8bc075b2

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

ef0a2a0565727a48f2e36a2c461f8b1e3a61922d

Last affected

e2b558fe507a1ed4c43db2b0057fc6e41f20a14c

Last affected

418993bbaafb0cd48f904ba68eeda052d624c821

Last affected

5ea00fc60676c0eebfa8560ec461209d638bca9d

Last affected

9af0fd5c4453a44c692be0cbb3724859b75d739b

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38554.json"