CVE-2024-50171

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 7, 2024
Updated: Nov 13, 2024
CWE ID 401

Summary

CVE-2024-50171 is a newly identified vulnerability in the Linux kernel. This issue lies in the net: systemport module and specifically affects the bcm_sysport_xmit() function. The function fails to free an skb (Socket Buffer) when dma_map_single() fails during transmission, resulting in a potential memory leak. To address this issue, dev_kfree_skb() has been added to ensure proper memory management and prevent potential memory exhaustion.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share