SB20241230226 - Improper error handling in Linux kernel net
Published: December 30, 2024 Updated: May 11, 2025
Security Bulletin ID
SB20241230226
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper error handling (CVE-ID: CVE-2024-56659)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the include/net/lapb.h. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/03e661b5e7aa1124f24054df9ab2ee5cb2178973
- https://git.kernel.org/stable/c/2b351355bbd50ae25d096785b6eb31998d2bf765
- https://git.kernel.org/stable/c/3aa2ef7ffd0451e8f81c249d2a2a68283c6bc700
- https://git.kernel.org/stable/c/76d856f03d0290cf5392364ecdf74c15ee16b8fd
- https://git.kernel.org/stable/c/a6d75ecee2bf828ac6a1b52724aba0a977e4eaf4
- https://git.kernel.org/stable/c/c21c7c1c00bcc60cf752ec491bdfd47693f4d3c7
- https://git.kernel.org/stable/c/f0949199651bc87c5ed2c12a7323f441f1af6fe9
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.121