CVE-2024-35972 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() If ulp = kzalloc() fails, the allocated edev will leak because it is not properly assigned and the cleanup path will not be able to free it. Fix it by assigning it properly immediately after allocation.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

References

Link	Resource
https://git.kernel.org/stable/c/10a9d6a7513f93d7faffcb341af0aa42be8218fe	Patch
https://git.kernel.org/stable/c/7ac10c7d728d75bc9daaa8fade3c7a3273b9a9ff	Patch
https://git.kernel.org/stable/c/c60ed825530b8c0cc2b524efd39b1d696ec54004	Patch

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-20T09:41:59.814Z

Updated: 2024-06-17T17:40:30.069Z

Reserved: 2024-05-17T13:50:33.142Z

Link: CVE-2024-35972

JSON object: View

NVD Information

Status : Analyzed

Published: 2024-05-20T10:15:12.013

Modified: 2024-05-23T21:04:02.433

Link: CVE-2024-35972

JSON object: View

Redhat Information

No data.

CWE

CWE-401

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-35972", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-17T13:50:33.142Z", "datePublished": "2024-05-20T09:41:59.814Z", "dateUpdated": "2024-06-17T17:40:30.069Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:32:13.187Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init()\n\nIf ulp = kzalloc() fails, the allocated edev will leak because it is\nnot properly assigned and the cleanup path will not be able to free it.\nFix it by assigning it properly immediately after allocation."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/broadcom/bnxt/bnxt_ulp.c"], "versions": [{"version": "303432211324", "lessThan": "c60ed825530b", "status": "affected", "versionType": "git"}, {"version": "303432211324", "lessThan": "10a9d6a7513f", "status": "affected", "versionType": "git"}, {"version": "303432211324", "lessThan": "7ac10c7d728d", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/broadcom/bnxt/bnxt_ulp.c"], "versions": [{"version": "6.3", "status": "affected"}, {"version": "0", "lessThan": "6.3", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.28", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.8.7", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/c60ed825530b8c0cc2b524efd39b1d696ec54004"}, {"url": "https://git.kernel.org/stable/c/10a9d6a7513f93d7faffcb341af0aa42be8218fe"}, {"url": "https://git.kernel.org/stable/c/7ac10c7d728d75bc9daaa8fade3c7a3273b9a9ff"}], "title": "bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init()", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-17T17:38:17.477692Z", "id": "CVE-2024-35972", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-17T17:40:30.069Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A44ABF89-F1BD-4C9A-895D-7596650DCD27", "versionEndExcluding": "5.10.216", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "65D80EF6-76AF-4186-B680-55516EA42EED", "versionEndExcluding": "5.15.158", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "BDA59296-EDB8-44CD-98E4-C08C051569E6", "versionEndExcluding": "6.1.87", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8D6315B0-B3BA-406C-B0DB-51D9A63753F0", "versionEndExcluding": "6.6.28", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "531BDFB5-EF6A-4707-902E-146368303499", "versionEndExcluding": "6.8.7", "versionStartIncluding": "6.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init()\n\nIf ulp = kzalloc() fails, the allocated edev will leak because it is\nnot properly assigned and the cleanup path will not be able to free it.\nFix it by assigning it properly immediately after allocation."}, {"lang": "es", "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: bnxt_en: corrige una posible p\u00e9rdida de memoria en bnxt_rdma_aux_device_init() Si ulp = kzalloc() falla, el edev asignado se perder\u00e1 porque no est\u00e1 asignado correctamente y la ruta de limpieza no podr\u00e1 liberarlo. Solucionarlo asign\u00e1ndolo correctamente inmediatamente despu\u00e9s de la asignaci\u00f3n."}], "id": "CVE-2024-35972", "lastModified": "2024-05-23T21:04:02.433", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-20T10:15:12.013", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/10a9d6a7513f93d7faffcb341af0aa42be8218fe"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7ac10c7d728d75bc9daaa8fade3c7a3273b9a9ff"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c60ed825530b8c0cc2b524efd39b1d696ec54004"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}