CVE-2024-56602 Common Vulnerabilities and Exposures

Upstream information

CVE-2024-56602 at MITRE

Description

In the Linux kernel, the following vulnerability has been resolved:

net: ieee802154: do not leave a dangling sk pointer in ieee802154_create()

sock_init_data() attaches the allocated sk object to the provided sock
object. If ieee802154_create() fails later, the allocated sk object is
freed, but the dangling pointer remains in the provided sock object, which
may allow use-after-free.

Clear the sk pointer in the sock object on error.

SUSE information

Overall state of this security issue: Does not affect SUSE products

SUSE Bugzilla entry: 1235521 [NEW]

No SUSE Security Announcements cross referenced.

SUSE Timeline for this CVE

CVE page created: Thu Jan 9 12:13:32 2025
CVE page last modified: Thu Jan 9 12:13:32 2025