{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-38554","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-06-18T19:36:34.920Z","datePublished":"2024-06-19T13:35:25.406Z","dateUpdated":"2025-05-04T12:56:43.328Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T12:56:43.328Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Fix reference count leak issue of net_device\n\nThere is a reference count leak issue of the object \"net_device\" in\nax25_dev_device_down(). When the ax25 device is shutting down, the\nax25_dev_device_down() drops the reference count of net_device one\nor zero times depending on if we goto unlock_put or not, which will\ncause memory leak.\n\nIn order to solve the above issue, decrease the reference count of\nnet_device after dev->ax25_ptr is set to null."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/ax25/ax25_dev.c"],"versions":[{"version":"d01ffb9eee4af165d83b08dd73ebdf9fe94a519b","lessThan":"3ec437f9bbae68e9b38115c4c91de995f73f6bad","status":"affected","versionType":"git"},{"version":"d01ffb9eee4af165d83b08dd73ebdf9fe94a519b","lessThan":"965d940fb7414b310a22666503d2af69459c981b","status":"affected","versionType":"git"},{"version":"d01ffb9eee4af165d83b08dd73ebdf9fe94a519b","lessThan":"8bad3a20a27be8d935f2aae08d3c6e743754944a","status":"affected","versionType":"git"},{"version":"d01ffb9eee4af165d83b08dd73ebdf9fe94a519b","lessThan":"eef95df9b752699bddecefa851f64858247246e9","status":"affected","versionType":"git"},{"version":"d01ffb9eee4af165d83b08dd73ebdf9fe94a519b","lessThan":"36e56b1b002bb26440403053f19f9e1a8bc075b2","status":"affected","versionType":"git"},{"version":"ef0a2a0565727a48f2e36a2c461f8b1e3a61922d","status":"affected","versionType":"git"},{"version":"e2b558fe507a1ed4c43db2b0057fc6e41f20a14c","status":"affected","versionType":"git"},{"version":"418993bbaafb0cd48f904ba68eeda052d624c821","status":"affected","versionType":"git"},{"version":"5ea00fc60676c0eebfa8560ec461209d638bca9d","status":"affected","versionType":"git"},{"version":"9af0fd5c4453a44c692be0cbb3724859b75d739b","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/ax25/ax25_dev.c"],"versions":[{"version":"5.17","status":"affected"},{"version":"0","lessThan":"5.17","status":"unaffected","versionType":"semver"},{"version":"6.1.93","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.33","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.8.12","lessThanOrEqual":"6.8.*","status":"unaffected","versionType":"semver"},{"version":"6.9.3","lessThanOrEqual":"6.9.*","status":"unaffected","versionType":"semver"},{"version":"6.10","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"6.1.93"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"6.6.33"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"6.8.12"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"6.9.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"6.10"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14.277"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.240"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.190"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.112"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.35"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3ec437f9bbae68e9b38115c4c91de995f73f6bad"},{"url":"https://git.kernel.org/stable/c/965d940fb7414b310a22666503d2af69459c981b"},{"url":"https://git.kernel.org/stable/c/8bad3a20a27be8d935f2aae08d3c6e743754944a"},{"url":"https://git.kernel.org/stable/c/eef95df9b752699bddecefa851f64858247246e9"},{"url":"https://git.kernel.org/stable/c/36e56b1b002bb26440403053f19f9e1a8bc075b2"}],"title":"ax25: Fix reference count leak issue of net_device","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T04:12:25.671Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/3ec437f9bbae68e9b38115c4c91de995f73f6bad","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/965d940fb7414b310a22666503d2af69459c981b","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/8bad3a20a27be8d935f2aae08d3c6e743754944a","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/eef95df9b752699bddecefa851f64858247246e9","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/36e56b1b002bb26440403053f19f9e1a8bc075b2","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-38554","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-09-10T17:14:44.470574Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-11T17:34:57.101Z"}}]}}