CVE-2024-46861

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the usbnet: ipheth section in the Linux kernel, where RX callbacks can fail due to multiple reasons such as payload being too short, payload formatted incorrectly, or lack of memory. These failures should not cause the driver to seize up. The fix makes such failures non-critical and allows the driver to continue processing further incoming URBs.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404

Related Identifiers

ALSA-2025_16880

ALT-PU-2024-13979

ALT-PU-2024-14046

AZL-49878

AZL-49895

BDU:2025-04631

CVE-2024-46861

OESA-2025-1159

OPENSUSE-SU-2024_3984-1

OPENSUSE-SU-2024_3986-1

SUSE-SU-2024:3984-1

SUSE-SU-2024:3986-1

SUSE-SU-2024:4318-1

SUSE-SU-2024:4387-1

SUSE-SU-2025:20163-1

SUSE-SU-2025:20164-1

SUSE-SU-2025:20246-1

SUSE-SU-2025:20247-1

USN-7154-1

USN-7154-2

USN-7155-1

USN-7156-1

USN-7196-1

Affected Products

Alt Linux

Debian

Linuxmint

Linux Kernel

Suse

Ubuntu

CVE-2024-46861

Weakness Enumeration

Related Identifiers

Affected Products

References · 1808