{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-53210","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-11-19T17:17:25.020Z","datePublished":"2024-12-27T13:49:56.183Z","dateUpdated":"2025-11-03T20:47:38.382Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T09:55:59.259Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ns390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct()\n\nPassing MSG_PEEK flag to skb_recv_datagram() increments skb refcount\n(skb->users) and iucv_sock_recvmsg() does not decrement skb refcount\nat exit.\nThis results in skb memory leak in skb_queue_purge() and WARN_ON in\niucv_sock_destruct() during socket close. To fix this decrease\nskb refcount by one if MSG_PEEK is set in order to prevent memory\nleak and WARN_ON.\n\nWARNING: CPU: 2 PID: 6292 at net/iucv/af_iucv.c:286 iucv_sock_destruct+0x144/0x1a0 [af_iucv]\nCPU: 2 PID: 6292 Comm: afiucv_test_msg Kdump: loaded Tainted: G        W          6.10.0-rc7 #1\nHardware name: IBM 3931 A01 704 (z/VM 7.3.0)\nCall Trace:\n        [<001587c682c4aa98>] iucv_sock_destruct+0x148/0x1a0 [af_iucv]\n        [<001587c682c4a9d0>] iucv_sock_destruct+0x80/0x1a0 [af_iucv]\n        [<001587c704117a32>] __sk_destruct+0x52/0x550\n        [<001587c704104a54>] __sock_release+0xa4/0x230\n        [<001587c704104c0c>] sock_close+0x2c/0x40\n        [<001587c702c5f5a8>] __fput+0x2e8/0x970\n        [<001587c7024148c4>] task_work_run+0x1c4/0x2c0\n        [<001587c7023b0716>] do_exit+0x996/0x1050\n        [<001587c7023b13aa>] do_group_exit+0x13a/0x360\n        [<001587c7023b1626>] __s390x_sys_exit_group+0x56/0x60\n        [<001587c7022bccca>] do_syscall+0x27a/0x380\n        [<001587c7049a6a0c>] __do_syscall+0x9c/0x160\n        [<001587c7049ce8a8>] system_call+0x70/0x98\n        Last Breaking-Event-Address:\n        [<001587c682c4a9d4>] iucv_sock_destruct+0x84/0x1a0 [af_iucv]"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/iucv/af_iucv.c"],"versions":[{"version":"eac3731bd04c7131478722a3c148b78774553116","lessThan":"934326aef7ac4652f81c69d18bf44eebaefc39c3","status":"affected","versionType":"git"},{"version":"eac3731bd04c7131478722a3c148b78774553116","lessThan":"42251c2d1ef1cb0822638bebb87ad9120c759673","status":"affected","versionType":"git"},{"version":"eac3731bd04c7131478722a3c148b78774553116","lessThan":"783c2c6e61c5a04eb8baea598753d5fa174dbe85","status":"affected","versionType":"git"},{"version":"eac3731bd04c7131478722a3c148b78774553116","lessThan":"9f603e66e1c59c1d25e60eb0636cb307d190782e","status":"affected","versionType":"git"},{"version":"eac3731bd04c7131478722a3c148b78774553116","lessThan":"ebaf81317e42aa990ad20b113cfe3a7b20d4e937","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/iucv/af_iucv.c"],"versions":[{"version":"2.6.21","status":"affected"},{"version":"0","lessThan":"2.6.21","status":"unaffected","versionType":"semver"},{"version":"6.1.120","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.64","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.11.11","lessThanOrEqual":"6.11.*","status":"unaffected","versionType":"semver"},{"version":"6.12.2","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.13","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.21","versionEndExcluding":"6.1.120"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.21","versionEndExcluding":"6.6.64"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.21","versionEndExcluding":"6.11.11"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.21","versionEndExcluding":"6.12.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.21","versionEndExcluding":"6.13"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/934326aef7ac4652f81c69d18bf44eebaefc39c3"},{"url":"https://git.kernel.org/stable/c/42251c2d1ef1cb0822638bebb87ad9120c759673"},{"url":"https://git.kernel.org/stable/c/783c2c6e61c5a04eb8baea598753d5fa174dbe85"},{"url":"https://git.kernel.org/stable/c/9f603e66e1c59c1d25e60eb0636cb307d190782e"},{"url":"https://git.kernel.org/stable/c/ebaf81317e42aa990ad20b113cfe3a7b20d4e937"}],"title":"s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct()","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.5,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"id":"CVE-2024-53210","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2025-10-01T20:03:40.043157Z"}}}],"problemTypes":[{"descriptions":[{"lang":"en","type":"CWE","cweId":"CWE-401","description":"CWE-401 Missing Release of Memory after Effective Lifetime"}]}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-10-01T20:07:19.744Z"}},{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T20:47:38.382Z"}}]}}