ID

VAR-202407-1143


CVE

CVE-2024-40942


TITLE

Linux  of  Linux Kernel  Vulnerability regarding lack of memory release after expiration in

Trust: 0.8

sources: JVNDB: JVNDB-2024-028110

DESCRIPTION

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects The hwmp code use objects of type mesh_preq_queue, added to a list in ieee80211_if_mesh, to keep track of mpath we need to resolve. If the mpath gets deleted, ex mesh interface is removed, the entries in that list will never get cleaned. Fix this by flushing all corresponding items of the preq_queue in mesh_path_flush_pending(). This should take care of KASAN reports like this: unreferenced object 0xffff00000668d800 (size 128): comm "kworker/u8:4", pid 67, jiffies 4295419552 (age 1836.444s) hex dump (first 32 bytes): 00 1f 05 09 00 00 ff ff 00 d5 68 06 00 00 ff ff ..........h..... 8e 97 ea eb 3e b8 01 00 00 00 00 00 00 00 00 00 ....>........... backtrace: [<000000007302a0b6>] __kmem_cache_alloc_node+0x1e0/0x35c [<00000000049bd418>] kmalloc_trace+0x34/0x80 [<0000000000d792bb>] mesh_queue_preq+0x44/0x2a8 [<00000000c99c3696>] mesh_nexthop_resolve+0x198/0x19c [<00000000926bf598>] ieee80211_xmit+0x1d0/0x1f4 [<00000000fc8c2284>] __ieee80211_subif_start_xmit+0x30c/0x764 [<000000005926ee38>] ieee80211_subif_start_xmit+0x9c/0x7a4 [<000000004c86e916>] dev_hard_start_xmit+0x174/0x440 [<0000000023495647>] __dev_queue_xmit+0xe24/0x111c [<00000000cfe9ca78>] batadv_send_skb_packet+0x180/0x1e4 [<000000007bacc5d5>] batadv_v_elp_periodic_work+0x2f4/0x508 [<00000000adc3cd94>] process_one_work+0x4b8/0xa1c [<00000000b36425d1>] worker_thread+0x9c/0x634 [<0000000005852dd5>] kthread+0x1bc/0x1c4 [<000000005fccd770>] ret_from_fork+0x10/0x20 unreferenced object 0xffff000009051f00 (size 128): comm "kworker/u8:4", pid 67, jiffies 4295419553 (age 1836.440s) hex dump (first 32 bytes): 90 d6 92 0d 00 00 ff ff 00 d8 68 06 00 00 ff ff ..........h..... 36 27 92 e4 02 e0 01 00 00 58 79 06 00 00 ff ff 6'.......Xy..... backtrace: [<000000007302a0b6>] __kmem_cache_alloc_node+0x1e0/0x35c [<00000000049bd418>] kmalloc_trace+0x34/0x80 [<0000000000d792bb>] mesh_queue_preq+0x44/0x2a8 [<00000000c99c3696>] mesh_nexthop_resolve+0x198/0x19c [<00000000926bf598>] ieee80211_xmit+0x1d0/0x1f4 [<00000000fc8c2284>] __ieee80211_subif_start_xmit+0x30c/0x764 [<000000005926ee38>] ieee80211_subif_start_xmit+0x9c/0x7a4 [<000000004c86e916>] dev_hard_start_xmit+0x174/0x440 [<0000000023495647>] __dev_queue_xmit+0xe24/0x111c [<00000000cfe9ca78>] batadv_send_skb_packet+0x180/0x1e4 [<000000007bacc5d5>] batadv_v_elp_periodic_work+0x2f4/0x508 [<00000000adc3cd94>] process_one_work+0x4b8/0xa1c [<00000000b36425d1>] worker_thread+0x9c/0x634 [<0000000005852dd5>] kthread+0x1bc/0x1c4 [<000000005fccd770>] ret_from_fork+0x10/0x20. Linux of Linux Kernel Contains a vulnerability regarding the lack of free memory after expiration.Service operation interruption (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on SINEC OS with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) and human-machine interfaces (HMIs). Multiple vulnerabilities exist in third-party components prior to SIEMENS SINEC OS V3.2. These vulnerabilities could be exploited to corrupt values, leading to undefined behavior or security issues. ========================================================================== Ubuntu Security Notice USN-7003-2 September 12, 2024 linux-aws-5.4, linux-azure-5.4, linux-gcp-5.4, linux-hwe-5.4, linux-ibm-5.4, linux-oracle-5.4, linux-raspi-5.4 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-aws-5.4: Linux kernel for Amazon Web Services (AWS) systems - linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems - linux-gcp-5.4: Linux kernel for Google Cloud Platform (GCP) systems - linux-hwe-5.4: Linux hardware enablement (HWE) kernel - linux-ibm-5.4: Linux kernel for IBM cloud systems - linux-oracle-5.4: Linux kernel for Oracle Cloud systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Details: It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-40902) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - MIPS architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - GPIO subsystem; - GPU drivers; - Greybus drivers; - HID subsystem; - I2C subsystem; - IIO subsystem; - InfiniBand drivers; - Media drivers; - VMware VMCI Driver; - Network drivers; - Pin controllers subsystem; - S/390 drivers; - SCSI drivers; - USB subsystem; - JFFS2 file system; - JFS file system; - File systems infrastructure; - NILFS2 file system; - IOMMU subsystem; - Sun RPC protocol; - Netfilter; - Memory management; - B.A.T.M.A.N. meshing protocol; - CAN network layer; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - IUCV driver; - MAC80211 subsystem; - NET/ROM layer; - Network traffic control; - SoC Audio for Freescale CPUs drivers; (CVE-2024-40941, CVE-2024-42086, CVE-2024-41097, CVE-2024-40958, CVE-2024-41089, CVE-2024-40942, CVE-2024-40968, CVE-2024-40934, CVE-2024-40902, CVE-2024-42124, CVE-2023-52887, CVE-2024-42115, CVE-2024-41041, CVE-2024-39501, CVE-2024-40932, CVE-2024-42102, CVE-2024-40960, CVE-2024-39487, CVE-2024-39503, CVE-2024-40945, CVE-2024-40959, CVE-2024-40987, CVE-2024-40995, CVE-2024-40988, CVE-2024-42084, CVE-2024-40943, CVE-2024-42070, CVE-2024-40904, CVE-2024-41049, CVE-2024-41046, CVE-2024-39502, CVE-2024-42097, CVE-2024-42090, CVE-2024-42236, CVE-2024-42223, CVE-2024-42094, CVE-2024-41007, CVE-2024-42105, CVE-2024-41035, CVE-2024-41087, CVE-2024-42157, CVE-2024-39495, CVE-2024-36894, CVE-2024-40916, CVE-2024-39469, CVE-2024-40974, CVE-2024-42153, CVE-2024-36974, CVE-2024-42096, CVE-2024-42232, CVE-2024-40980, CVE-2024-41034, CVE-2024-42087, CVE-2024-42093, CVE-2024-41095, CVE-2024-42145, CVE-2024-42148, CVE-2023-52803, CVE-2024-39499, CVE-2024-42104, CVE-2024-42224, CVE-2024-37078, CVE-2024-42092, CVE-2024-39505, CVE-2024-38619, CVE-2024-42106, CVE-2024-40978, CVE-2024-41044, CVE-2024-42089, CVE-2024-40981, CVE-2024-42154, CVE-2024-36978, CVE-2024-42076, CVE-2024-40984, CVE-2024-42127, CVE-2024-42119, CVE-2024-40961, CVE-2024-39509, CVE-2024-42101, CVE-2024-40901, CVE-2024-40963, CVE-2024-40905, CVE-2024-39506, CVE-2024-40912, CVE-2024-41006) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS linux-image-5.4.0-1079-ibm 5.4.0-1079.84~18.04.1 Available with Ubuntu Pro linux-image-5.4.0-1115-raspi 5.4.0-1115.127~18.04.1 Available with Ubuntu Pro linux-image-5.4.0-1131-oracle 5.4.0-1131.140~18.04.1 Available with Ubuntu Pro linux-image-5.4.0-1132-aws 5.4.0-1132.142~18.04.1 Available with Ubuntu Pro linux-image-5.4.0-1136-gcp 5.4.0-1136.145~18.04.1 Available with Ubuntu Pro linux-image-5.4.0-1137-azure 5.4.0-1137.144~18.04.1 Available with Ubuntu Pro linux-image-5.4.0-195-generic 5.4.0-195.215~18.04.1 Available with Ubuntu Pro linux-image-5.4.0-195-lowlatency 5.4.0-195.215~18.04.1 Available with Ubuntu Pro linux-image-aws 5.4.0.1132.142~18.04.1 Available with Ubuntu Pro linux-image-azure 5.4.0.1137.144~18.04.1 Available with Ubuntu Pro linux-image-gcp 5.4.0.1136.145~18.04.1 Available with Ubuntu Pro linux-image-generic-hwe-18.04 5.4.0.195.215~18.04.1 Available with Ubuntu Pro linux-image-ibm 5.4.0.1079.84~18.04.1 Available with Ubuntu Pro linux-image-lowlatency-hwe-18.04 5.4.0.195.215~18.04.1 Available with Ubuntu Pro linux-image-oem 5.4.0.195.215~18.04.1 Available with Ubuntu Pro linux-image-oem-osp1 5.4.0.195.215~18.04.1 Available with Ubuntu Pro linux-image-oracle 5.4.0.1131.140~18.04.1 Available with Ubuntu Pro linux-image-raspi-hwe-18.04 5.4.0.1115.127~18.04.1 Available with Ubuntu Pro linux-image-snapdragon-hwe-18.04 5.4.0.195.215~18.04.1 Available with Ubuntu Pro linux-image-virtual-hwe-18.04 5.4.0.195.215~18.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7003-2 https://ubuntu.com/security/notices/USN-7003-1 CVE-2023-52803, CVE-2023-52887, CVE-2024-36894, CVE-2024-36974, CVE-2024-36978, CVE-2024-37078, CVE-2024-38619, CVE-2024-39469, CVE-2024-39487, CVE-2024-39495, CVE-2024-39499, CVE-2024-39501, CVE-2024-39502, CVE-2024-39503, CVE-2024-39505, CVE-2024-39506, CVE-2024-39509, CVE-2024-40901, CVE-2024-40902, CVE-2024-40904, CVE-2024-40905, CVE-2024-40912, CVE-2024-40916, CVE-2024-40932, CVE-2024-40934, CVE-2024-40941, CVE-2024-40942, CVE-2024-40943, CVE-2024-40945, CVE-2024-40958, CVE-2024-40959, CVE-2024-40960, CVE-2024-40961, CVE-2024-40963, CVE-2024-40968, CVE-2024-40974, CVE-2024-40978, CVE-2024-40980, CVE-2024-40981, CVE-2024-40984, CVE-2024-40987, CVE-2024-40988, CVE-2024-40995, CVE-2024-41006, CVE-2024-41007, CVE-2024-41034, CVE-2024-41035, CVE-2024-41041, CVE-2024-41044, CVE-2024-41046, CVE-2024-41049, CVE-2024-41087, CVE-2024-41089, CVE-2024-41095, CVE-2024-41097, CVE-2024-42070, CVE-2024-42076, CVE-2024-42084, CVE-2024-42086, CVE-2024-42087, CVE-2024-42089, CVE-2024-42090, CVE-2024-42092, CVE-2024-42093, CVE-2024-42094, CVE-2024-42096, CVE-2024-42097, CVE-2024-42101, CVE-2024-42102, CVE-2024-42104, CVE-2024-42105, CVE-2024-42106, CVE-2024-42115, CVE-2024-42119, CVE-2024-42124, CVE-2024-42127, CVE-2024-42145, CVE-2024-42148, CVE-2024-42153, CVE-2024-42154, CVE-2024-42157, CVE-2024-42223, CVE-2024-42224, CVE-2024-42232, CVE-2024-42236

Trust: 2.25

sources: NVD: CVE-2024-40942 // JVNDB: JVNDB-2024-028110 // CNVD: CNVD-2025-19350 // PACKETSTORM: 181484

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-19350

AFFECTED PRODUCTS

vendor:linuxmodel:kernelscope:eqversion:6.10

Trust: 1.8

vendor:linuxmodel:kernelscope:gteversion:5.11

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.20

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.4.279

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.5

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:6.7

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.10.221

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:6.2

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.19.317

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.16

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.1.95

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.6.35

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:2.6.26

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.15.162

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.9.6

Trust: 1.0

vendor:linuxmodel:kernelscope:eqversion:2.6.26 that's all 4.19.317

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:4.20 that's all 5.4.279

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion: -

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:6.2 that's all 6.6.35

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.16 that's all 6.1.95

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:6.7 that's all 6.9.6

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.11 that's all 5.15.162

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.5 that's all 5.10.221

Trust: 0.8

vendor:siemensmodel:ruggedcom rst2428pscope:ltversion:v3.2

Trust: 0.6

vendor:siemensmodel:scalance xc-300/xr-300/xc-400/xr-500wg/xr-500 familyscope:ltversion:v3.2

Trust: 0.6

vendor:siemensmodel:scalance xcm-/xrm-/xch-/xrh-300 familyscope:ltversion:v3.2

Trust: 0.6

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-028110 // NVD: CVE-2024-40942

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2024-40942
value: MEDIUM

Trust: 1.0

NVD: CVE-2024-40942
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2025-19350
value: HIGH

Trust: 0.6

CNVD: CNVD-2025-19350
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2024-40942
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2024-40942
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-028110 // NVD: CVE-2024-40942

PROBLEMTYPE DATA

problemtype:CWE-401

Trust: 1.0

problemtype:Lack of memory release after expiration (CWE-401) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-028110 // NVD: CVE-2024-40942

THREAT TYPE

local

Trust: 0.1

sources: PACKETSTORM: 181484

PATCH

title:Linux Kernel Archivesurl:https://git.kernel.org/stable/c/377dbb220edc8421b7960691876c5b3bef62f89b

Trust: 0.8

title:Patch for Multiple vulnerabilities exist in third-party components of SIEMENS SINEC OS V3.2 and earlierurl:https://www.cnvd.org.cn/patchInfo/show/723061

Trust: 0.6

sources: CNVD: CNVD-2025-19350 // JVNDB: JVNDB-2024-028110

EXTERNAL IDS

db:NVDid:CVE-2024-40942

Trust: 2.7

db:SIEMENSid:SSA-355557

Trust: 1.6

db:SIEMENSid:SSA-265688

Trust: 1.0

db:ICS CERTid:ICSA-25-226-07

Trust: 0.8

db:JVNid:JVNVU92169998

Trust: 0.8

db:JVNDBid:JVNDB-2024-028110

Trust: 0.8

db:CNVDid:CNVD-2025-19350

Trust: 0.6

db:PACKETSTORMid:181484

Trust: 0.1

sources: CNVD: CNVD-2025-19350 // PACKETSTORM: 181484 // JVNDB: JVNDB-2024-028110 // NVD: CVE-2024-40942

REFERENCES

url:https://cert-portal.siemens.com/productcert/html/ssa-355557.html

Trust: 1.6

url:https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Trust: 1.0

url:https://git.kernel.org/stable/c/63d5f89bb5664d60edbf8cf0df911aaae8ed96a4

Trust: 1.0

url:https://git.kernel.org/stable/c/d81e244af521de63ad2883e17571b789c39b6549

Trust: 1.0

url:https://git.kernel.org/stable/c/ec79670eae430b3ffb7e0a6417ad7657728b8f95

Trust: 1.0

url:https://git.kernel.org/stable/c/b7d7f11a291830fdf69d3301075dd0fb347ced84

Trust: 1.0

url:https://git.kernel.org/stable/c/c4c865f971fd4a255208f57ef04d814c2ae9e0dc

Trust: 1.0

url:https://git.kernel.org/stable/c/617dadbfb2d3e152c5753e28356d189c9d6f33c0

Trust: 1.0

url:https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Trust: 1.0

url:https://git.kernel.org/stable/c/377dbb220edc8421b7960691876c5b3bef62f89b

Trust: 1.0

url:https://git.kernel.org/stable/c/7518e20a189f8659b8b83969db4d33a4068fcfc3

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2024-40942

Trust: 0.9

url:https://jvn.jp/vu/jvnvu92169998/

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2024-39495

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-36978

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-40934

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-40902

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-38619

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-7003-2

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-7003-1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-39501

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-39469

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-40905

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-39509

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-52803

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-39502

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-39487

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-37078

Trust: 0.1

sources: CNVD: CNVD-2025-19350 // PACKETSTORM: 181484 // JVNDB: JVNDB-2024-028110 // NVD: CVE-2024-40942

CREDITS

Ubuntu

Trust: 0.1

sources: PACKETSTORM: 181484

SOURCES

db:CNVDid:CNVD-2025-19350
db:PACKETSTORMid:181484
db:JVNDBid:JVNDB-2024-028110
db:NVDid:CVE-2024-40942

LAST UPDATE DATE

2026-06-18T19:23:03.127000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-19350date:2025-08-22T00:00:00
db:JVNDBid:JVNDB-2024-028110date:2025-09-26T08:44:00
db:NVDid:CVE-2024-40942date:2026-05-12T12:17:00.027

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-19350date:2025-08-12T00:00:00
db:PACKETSTORMid:181484date:2024-09-12T14:51:31
db:JVNDBid:JVNDB-2024-028110date:2025-09-26T00:00:00
db:NVDid:CVE-2024-40942date:2024-07-12T13:15:16.520