Vulnerabilities > CVE-2024-56720 - Memory Leak vulnerability in Linux Kernel
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Several fixes to bpf_msg_pop_data Several fixes to bpf_msg_pop_data, 1. In sk_msg_shift_left, we should put_page 2. if (len == 0), return early is better 3. pop the entire sk_msg (last == msg->sg.size) should be supported 4. Fix for the value of variable "a" 5. In sk_msg_shift_left, after shifting, i has already pointed to the next element. Addtional sk_msg_iter_var_next may result in BUG.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://git.kernel.org/stable/c/275a9f3ef8fabb0cb282a62b9e164dedba7284c5
- https://git.kernel.org/stable/c/5d609ba262475db450ba69b8e8a557bd768ac07a
- https://git.kernel.org/stable/c/785180bed9879680d8e5c5e1b54c8ae8d948f4c8
- https://git.kernel.org/stable/c/98c7ea7d11f2588e8197db042e0291e4ac8f8346
- https://git.kernel.org/stable/c/d26d977633d1d0b8bf9407278189bd0a8d973323
- https://git.kernel.org/stable/c/d3f5763b3062514a234114e97bbde74d8d702449
- https://git.kernel.org/stable/c/e1f54c61c4c9a5244eb8159dce60d248f7d97b32
- https://git.kernel.org/stable/c/f58d3aa457e77a3d9b3df2ab081dcf9950f6029f