Resource Leak Affecting kernel-kdump-devel package, versions *
Threat Intelligence
EPSS
0.04% (6th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-RHEL7-KERNELKDUMPDEVEL-7357269
- published 22 Jun 2024
- disclosed 21 Jun 2024
Introduced: 21 Jun 2024
CVE-2024-38632 Open this link in a new tabHow to fix?
There is no fixed version for RHEL:7
kernel-kdump-devel
.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-kdump-devel
package and not the kernel-kdump-devel
package as distributed by RHEL
.
See How to fix?
for RHEL:7
relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
vfio/pci: fix potential memory leak in vfio_intx_enable()
If vfio_irq_ctx_alloc() failed will lead to 'name' memory leak.
References
- https://access.redhat.com/security/cve/CVE-2024-38632
- https://git.kernel.org/stable/c/0bd22a4966d55f1d2c127a53300d5c2b50152376
- https://git.kernel.org/stable/c/35fef97c33f3d3ca0455f9a8e2a3f2c1f8cc9140
- https://git.kernel.org/stable/c/82b951e6fbd31d85ae7f4feb5f00ddd4c5d256e2
- https://git.kernel.org/stable/c/91ced077db2062604ec270b1046f8337e9090079
- https://git.kernel.org/stable/c/a6d810554d7d9d07041f14c5fcd453f3d3fed594
CVSS Scores
version 3.1