CVE-2024-26825

nfc: nci: free rx_data_reassembly skb on NCI device cleanup

References

Notes

 carnil> Introduced in 6a2968aaf50c ("NFC: basic NCI protocol implementation").
 carnil> Vulnerable versions: 3.2-rc1.

Bugs

Status

Branch Status
4.19-buster-security needed
4.19-upstream-stable released (4.19.307) [7e9a8498658b398bf11b8e388005fa54e40aed81]
5.10-bullseye-security released (5.10.216-1)
5.10-upstream-stable released (5.10.210) [2f6d16f0520d6505241629ee2f5c131b547d5f9d]
6.1-bookworm-security released (6.1.82-1)
6.1-upstream-stable released (6.1.79) [5c0c5ffaed73cbae6c317374dc32ba6cacc60895]
6.6-upstream-stable released (6.6.18) [16d3f507b0fa70453dc54550df093d6e9ac630c1]
6.8-upstream-stable N/A "Fixed before branching point"
sid released (6.7.7-1)
upstream released (6.8-rc3) [bfb007aebe6bff451f7f3a4be19f4f286d0d5d9c]