Description

In the Linux kernel, the following vulnerability has been resolved: net: ncsi: fix skb leak in error paths Early return paths in NCSI RX and AEN handlers fail to release the received skb, resulting in a memory leak. Specifically, ncsi_aen_handler() returns on invalid AEN packets without consuming the skb. Similarly, ncsi_rcv_rsp() exits early when failing to resolve the NCSI device, response handler, or request, leaving the skb unfreed.

Vecteur d'attaque

Complexité : LOW

Privilèges requis : NONE

Interaction utilisateur : NONE

Impact

• Confidentialité : NONE
• Intégrité : NONE
• Disponibilité : HIGH

Recommandations

Appliquer les correctifs de sécurité fournis par le vendeur dès que possible.