PT-2024-29159 · Linux+5 · Linux Kernel+5

Published

2024-05-28

Updated

2025-02-03

CVE-2024-40942

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The vulnerability is related to a memory leak in the wifi component of the Linux kernel. Specifically, it affects the mesh functionality, where objects of type mesh preq queue are not properly cleaned up when the mesh interface is removed. This can lead to a denial of service. The issue is resolved by flushing the corresponding items in the preq queue in mesh path flush pending(). The vulnerability may cause KASAN reports indicating unreferenced objects.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

BDU:2025-03429

CVE-2024-40942

DLA-4008-1

DSA-5730-1

DSA-5731-1

OESA-2024-1944

OESA-2024-1992

OESA-2024-1994

OESA-2024-1995

OESA-2025-1078

OPENSUSE-SU-2024_2947-1

SUSE-SU-2024:2892-1

SUSE-SU-2024:2894-1

SUSE-SU-2024:2901-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2940-1

SUSE-SU-2024:2947-1

SUSE-SU-2024:3194-1

SUSE-SU-2024:3195-1

SUSE-SU-2024:3383-1

SUSE-SU-2025:20044-1

SUSE-SU-2025:20047-1

USN-6999-1

USN-6999-2

USN-7003-1

USN-7003-2

USN-7003-3

USN-7003-4

USN-7003-5

USN-7004-1

USN-7005-1

USN-7005-2

USN-7006-1

USN-7007-1

USN-7007-2

USN-7007-3

USN-7008-1

USN-7009-1

USN-7009-2

USN-7019-1

USN-7029-1

Affected Products

Astra Linux

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

PT-2024-29159 · Linux+5 · Linux Kernel+5

CVE-2024-40942

Weakness Enumeration

Related Identifiers

Affected Products

References · 2843