CVE-2024-39489
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-39489
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-39489.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-39489
- Downstream
- Related
- Published
- 2024-07-10T08:15:11Z
- Modified
- 2025-08-09T20:01:26Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ipv6: sr: fix memleak in seg6hmacinit_algo
seg6hmacinit_algo returns without cleaning up the previous allocations if one fails, so it's going to leak all that memory and the crypto tfms.
Update seg6hmacexit to only free the memory when allocated, so we can reuse the code directly.
- References
-
- https://git.kernel.org/stable/c/0e44d6cbe8de983470c3d2f978649783384fdcb6
- https://git.kernel.org/stable/c/4a3fcf53725b70010d1cf869a2ba549fed6b8fb3
- https://git.kernel.org/stable/c/599a5654215092ac22bfc453f4fd3959c55ea821
- https://git.kernel.org/stable/c/61d31ac85b4572d11f8071855c0ccb4f32d76c0c
- https://git.kernel.org/stable/c/afd5730969aec960a2fee4e5ee839a6014643976
- https://git.kernel.org/stable/c/daf341e0a2318b813427d5a78788c86f4a7f02be
- https://git.kernel.org/stable/c/efb9f4f19f8e37fde43dfecebc80292d179f56c6
- https://git.kernel.org/stable/c/f6a99ef4e056c20a138a95cc51332b2b96c8f383