SB20240624123 - Resource management error in Linux kernel hsr
Published: June 24, 2024 Updated: May 13, 2025
Security Bulletin ID
SB20240624123
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2024-26707)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the send_hsr_supervision_frame() and send_prp_supervision_frame() functions in net/hsr/hsr_device.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0d8011a878fdf96123bc0d6a12e2fe7ced5fddfb
- https://git.kernel.org/stable/c/de769423b2f053182a41317c4db5a927e90622a0
- https://git.kernel.org/stable/c/56440799fc4621c279df16176f83a995d056023a
- https://git.kernel.org/stable/c/923dea2a7ea9e1ef5ac4031fba461c1cc92e32b8
- https://git.kernel.org/stable/c/547545e50c913861219947ce490c68a1776b9b51
- https://git.kernel.org/stable/c/37e8c97e539015637cb920d3e6f1e404f707a06e
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.210
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.149
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.79
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.18
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7.6
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8