CVE-2024-50168

net/sun3_82586: fix potential memory leak in sun3_82586_send_packet()

Description

In the Linux kernel, the following vulnerability has been resolved: net/sun3_82586: fix potential memory leak in sun3_82586_send_packet() The sun3_82586_send_packet() returns NETDEV_TX_OK without freeing skb in case of skb->len being too long, add dev_kfree_skb() to fix it.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.03%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/137010d26dc5cd47cd62fef77cbe952d31951b7a patch
https://git.kernel.org/stable/c/8d5b20fbc548650019afa96822b6a33ea4ec8aa5 patch
https://git.kernel.org/stable/c/db755e55349045375c5c7036e8650afb3ff419d8 patch
https://git.kernel.org/stable/c/9c6ce55e6f0bd1541f112833006b4052614c7d94 patch
https://git.kernel.org/stable/c/1a17a4ac2d57102497fac53b53c666dba6a0c20d patch
https://git.kernel.org/stable/c/6dc937a3086e344f965ca5c459f8f3eb6b68d890 patch
https://git.kernel.org/stable/c/84f2bac74000dbb7a177d9b98a17031ec8d07ec5 patch
https://git.kernel.org/stable/c/2cb3f56e827abb22c4168ad0c1bbbf401bb2f3b8 patch

Frequently Asked Questions

What is the severity of CVE-2024-50168?
CVE-2024-50168 has been scored as a medium severity vulnerability.
How to fix CVE-2024-50168?
To fix CVE-2024-50168, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-50168 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-50168 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-50168?
CVE-2024-50168 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.