CVE-2024-36945

net/smc: fix neighbour and rtable leak in smc_ib_find_route()

Description

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix neighbour and rtable leak in smc_ib_find_route() In smc_ib_find_route(), the neighbour found by neigh_lookup() and rtable resolved by ip_route_output_flow() are not released or put before return. It may cause the refcount leak, so fix it.

N/A

CVSS

Severity:

EPSS 0.14%

Affected: Linux Linux

References

Link	Tags
https://git.kernel.org/stable/c/d5a466ab6e78d6f2e0f64435f1e17246c8e941ff
https://git.kernel.org/stable/c/5df93c029a907b0ff5a4eeadd77ba06ff0a277d2
https://git.kernel.org/stable/c/da91e447d06dc649fcf46e59122e7bf8f0b2e0db
https://git.kernel.org/stable/c/2ddc0dd7fec86ee53b8928a5cca5fbddd4fc7c06
https://security.netapp.com/advisory/ntap-20250404-0006/

Frequently Asked Questions

What is the severity of CVE-2024-36945?: CVE-2024-36945 has not yet been assigned a CVSS score.
How to fix CVE-2024-36945?: To fix CVE-2024-36945, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-36945 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2024-36945 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-36945?: CVE-2024-36945 affects Linux Linux, Linux Linux.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.