PT-2024-9018 · Linux+9 · Linux Kernel+9

Wen Gu

·

Published

2024-05-30

·

Updated

2026-05-26

·

CVE-2024-36945

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The issue is related to a refcount leak in the smc ib find route() function, which may cause the disclosure of confidential information. The leak occurs because the neighbour found by neigh lookup() and the rtable resolved by ip route output flow() are not released or put before return. This may lead to a refcount leak.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Information Disclosure

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-401

Related Identifiers

ALSA-2024:5101
ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
BDU:2024-10700
CESA-2024_5101
CVE-2024-36945
INFSA-2024_5101
INFSA-2024_9315
MGASA-2024-0263
MGASA-2024-0266
OPENSUSE-SU-2024_2372-1
OPENSUSE-SU-2024_2394-1
RHSA-2024:5101
RHSA-2024:9315
RHSA-2024_5101
RHSA-2024_9315
RHSA-2025:13135
RLSA-2024:5101
RXSA-2024:5101
SUSE-SU-2024:2372-1
SUSE-SU-2024:2394-1
SUSE-SU-2024:2571-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6949-1
USN-6949-2
USN-6952-1
USN-6952-2
USN-6955-1
USN-7591-1
USN-7591-2
USN-7591-3
USN-7591-4
USN-7591-5
USN-7591-6
USN-7592-1
USN-7593-1
USN-7597-1
USN-7597-2
USN-7598-1
USN-7602-1
USN-7655-1

Affected Products

Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu