CVE-2024-26921

inet: inet_defrag: prevent sk release while still in use

References

https://cve.org/CVERecord/?id=CVE-2024-26921

Notes

 carnil> Introduced in 7026b1ddb6b8 ("netfilter: Pass socket pointer down through
 carnil> okfn()."). Vulnerable versions: 4.1-rc1.

Bugs

Status

Branch	Status
4.19-buster-security	needed
4.19-upstream-stable	needed
5.10-bullseye-security	needed
5.10-upstream-stable	needed
6.1-bookworm-security	released (6.1.85-1)
6.1-upstream-stable	released (6.1.85) [7d0567842b78390dd9b60f00f1d8f838d540e325]
6.6-upstream-stable	released (6.6.26) [f4877225313d474659ee53150ccc3d553a978727]
6.8-upstream-stable	released (6.8.5) [e09cbe017311508c21e0739e97198a8388b98981]
sid	needed
upstream	released (6.9-rc2) [18685451fc4e546fc0e718580d32df3c0e5c8272]