retired/CVE-2024-26676


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Description: af_unix: Call kfree_skb() for dead unix_(sk)->oob_skb in GC.
References:
Notes:
 carnil> Introduced in 2aab4b969002 ("af_unix: fix struct pid leaks in OOB support").
 carnil> Vulnerable versions: 5.15.103 6.1.20 6.2.7 6.3-rc2.
Bugs:
upstream: released (6.8-rc4) [1279f9d9dec2d7462823a18c29ad61359e0a007d]
6.7-upstream-stable: released (6.7.5) [82ae47c5c3a6b27fdc0f9e83c1499cb439c56140]
6.6-upstream-stable: released (6.6.17) [b74aa9ce13d02b7fd37c5325b99854f91b9b4276]
6.1-upstream-stable: released (6.1.78) [e0e09186d8821ad59806115d347ea32efa43ca4b]
5.10-upstream-stable: N/A "Vulnerable code not present"
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (6.7.7-1)
6.1-bookworm-security: released (6.1.82-1)
5.10-bullseye-security: N/A "Vulnerable code not present"
4.19-buster-security: N/A "Vulnerable code not present"