CVE-2024-43861

MEDIUM EPSS 13.1%
Published Aug 20, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Aug 20, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
13.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 9

VendorProductVersionRange
linuxlinux_kernel*≥4.12  –  <4.19.320
linuxlinux_kernel*≥4.20  –  <5.4.282
linuxlinux_kernel*≥5.5  –  <5.10.224
linuxlinux_kernel*≥5.11  –  <5.15.165
linuxlinux_kernel*≥5.16  –  <6.1.105
linuxlinux_kernel*≥6.2  –  <6.6.46
linuxlinux_kernel*≥6.7  –  <6.10.5
linuxlinux_kernel6.11any
linuxlinux_kernel6.11any

References 10

  • git.kernel.org https://git.kernel.org/stable/c/37c093449704017870604994ba9b813cdb9475a4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3c90a69533b5bba73401ef884d033ea49ee99662
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7ab107544b777c3bd7feb9fe447367d8edd5b202
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c4251a3deccad852b27e60625f31fba6cc14372f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c6c5b91424fafc0f83852d961c10c7e43a001882
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/da518cc9b64df391795d9952aed551e0f782e446
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e87f52225e04a7001bf55bbd7a330fa4252327b5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f2c353227de14b0289298ffc3ba92058c4768384
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/37c093449704017870604994ba9b813cdb9475a4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3c90a69533b5bba73401ef884d033ea49ee99662
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7ab107544b777c3bd7feb9fe447367d8edd5b202
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c4251a3deccad852b27e60625f31fba6cc14372f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c6c5b91424fafc0f83852d961c10c7e43a001882
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/da518cc9b64df391795d9952aed551e0f782e446
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e87f52225e04a7001bf55bbd7a330fa4252327b5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f2c353227de14b0289298ffc3ba92058c4768384
    Patch