PT-2024-37027 · Linux+7 · Linux Kernel+7
Published
2024-12-29
·
Updated
2026-03-14
·
CVE-2024-56715
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.74
Description
A vulnerability in the Linux kernel's ionic driver has been resolved. The issue occurred when the
register netdev() function failed, causing the driver to leak the netdev notifier. This was fixed by calling ionic lif unregister() on register netdev() failure, which also calls ionic lif unregister phc() if it has already been registered.Recommendations
For Linux kernel versions prior to 6.6.74, update to version 6.6.74 or later to resolve the issue. As a temporary workaround, consider disabling the
ionic lif register() function until a patch is available. Restrict access to the register netdev() function to minimize the risk of exploitation. Avoid using the register netdev() function in the affected kernel versions until the issue is resolved.Exploit
Fix
Memory Leak
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu