CVE-2024-35975

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix transmit scheduler resource leak Inorder to support shaping and scheduling, Upon class creation Netdev driver allocates trasmit schedulers. The previous patch which added support for Round robin scheduling has a bug due to which driver is not freeing transmit schedulers post class deletion. This patch fixes the same.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/7af5582ea67209a23e44be9a9612ba7897be1f47	Patch
https://git.kernel.org/stable/c/b34fe77a1b18654233e4e54b334fcaeddf487100	Patch
https://git.kernel.org/stable/c/bccb798e07f8bb8b91212fe8ed1e421685449076	Patch
https://git.kernel.org/stable/c/7af5582ea67209a23e44be9a9612ba7897be1f47	Patch
https://git.kernel.org/stable/c/b34fe77a1b18654233e4e54b334fcaeddf487100	Patch
https://git.kernel.org/stable/c/bccb798e07f8bb8b91212fe8ed1e421685449076	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc3::::::

History

No history.

Information

Published : 2024-05-20 10:15

Updated : 2025-01-14 16:38

NVD link : CVE-2024-35975

Mitre link : CVE-2024-35975

CVE.ORG link : CVE-2024-35975

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-Other

{"id": "CVE-2024-35975", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-05-20T10:15:12.210", "references": [{"url": "https://git.kernel.org/stable/c/7af5582ea67209a23e44be9a9612ba7897be1f47", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b34fe77a1b18654233e4e54b334fcaeddf487100", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/bccb798e07f8bb8b91212fe8ed1e421685449076", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/7af5582ea67209a23e44be9a9612ba7897be1f47", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/b34fe77a1b18654233e4e54b334fcaeddf487100", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/bccb798e07f8bb8b91212fe8ed1e421685449076", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: Fix transmit scheduler resource leak\n\nInorder to support shaping and scheduling, Upon class creation\nNetdev driver allocates trasmit schedulers.\n\nThe previous patch which added support for Round robin scheduling has\na bug due to which driver is not freeing transmit schedulers post\nclass deletion.\n\nThis patch fixes the same."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: octeontx2-pf: corrige la fuga de recursos del programador de transmisi\u00f3n. Para admitir la configuraci\u00f3n y la programaci\u00f3n, al crear la clase, el controlador Netdev asigna programadores de transmisi\u00f3n. El parche anterior que agreg\u00f3 soporte para la programaci\u00f3n por turnos tiene un error debido a que el controlador no libera los programadores de transmisi\u00f3n despu\u00e9s de la eliminaci\u00f3n de la clase. Este parche soluciona lo mismo."}], "lastModified": "2025-01-14T16:38:39.367", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54CE4EE1-C720-47E5-B190-A9E343A08775", "versionEndExcluding": "6.6.28", "versionStartIncluding": "6.6"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "531BDFB5-EF6A-4707-902E-146368303499", "versionEndExcluding": "6.8.7", "versionStartIncluding": "6.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}