CVE-2024-50172

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 7, 2024
Updated: Nov 13, 2024
CWE ID 401

Summary

CVE-2024-50172 is a newly identified vulnerability affecting the Linux kernel. Specifically, it involves the RDMA/bnxt_re component where a potential memory leak occurs. In the function bnxt_re_setup_chip_ctx(), if bnxt_qplib_map_db_bar() fails, the driver fails to free the memory allocated for "rdev->chip_ctx". This issue could potentially lead to memory exhaustion and system instability. The affected Linux kernel versions and releases have been released patches to address this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share