SB20241230270 - Resource management error in Linux kernel net driver
Published: December 30, 2024 Updated: May 11, 2025
Security Bulletin ID
SB20241230270
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2024-56636)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the geneve_xmit_skb() function in drivers/net/geneve.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/177b72ed7c77b11e46dd4336d73a87a77a5603af
- https://git.kernel.org/stable/c/2ee7bdc7cb40abfe658a71fbd10c7db2f4fc4f9a
- https://git.kernel.org/stable/c/8588c99c7d47448fcae39e3227d6e2bb97aad86d
- https://git.kernel.org/stable/c/97ce3a4ec55eac6b5e2949ffb04028d604afda3b
- https://git.kernel.org/stable/c/b65958284401016b983078c68f70b047537f4aba
- https://git.kernel.org/stable/c/d9fa09ca004befe9cf826d6820439cb6f93cecd7
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.231