PT-2024-8484 · Linux+4 · Linux Kernel+4
Published: 2024-04-19 · Updated: 2024-12-30
CVE-2024-35858
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.37
Description
A memory leak occurs in the Linux kernel's bcmasp component when the interface is brought down. Flushed packets are not reclaimed, so their DMA-mapped buffers are never freed. The same flaw can also corrupt the TX control block when the interface is brought down for power management. The vulnerability can be exploited to cause a denial of service.
Recommendations
To resolve the issue, update the Linux kernel to version 6.6.37 or later. As a temporary workaround, consider disabling the interface for power management until a patch is available. Restrict access to the vulnerable bcmasp component to minimize the risk of exploitation. Avoid using the affected interface until the issue is resolved.
Memory Leak
Affected Products
Astra Linux
Linux Mint
Linux Kernel
RED OS
Ubuntu