{"id":"CVE-2024-27393","summary":"xen-netfront: Add missing skb_mark_for_recycle","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nxen-netfront: Add missing skb_mark_for_recycle\n\nNotice that skb_mark_for_recycle() is introduced later than fixes tag in\ncommit 6a5bcd84e886 (\"page_pool: Allow drivers to hint on SKB recycling\").\n\nIt is believed that fixes tag were missing a call to page_pool_release_page()\nbetween v5.9 to v5.14, after which is should have used skb_mark_for_recycle().\nSince v6.6 the call page_pool_release_page() were removed (in\ncommit 535b9c61bdef (\"net: page_pool: hide page_pool_release_page()\")\nand remaining callers converted (in commit 6bfef2ec0172 (\"Merge branch\n'net-page_pool-remove-page_pool_release_page'\")).\n\nThis leak became visible in v6.8 via commit dba1b8a7ab68 (\"mm/page_pool: catch\npage_pool memory leaks\").","modified":"2026-04-02T10:07:55.538080Z","published":"2024-05-09T16:37:07.973Z","related":["ALSA-2024:4349","SUSE-SU-2024:2008-1","SUSE-SU-2024:2019-1","SUSE-SU-2024:2135-1","SUSE-SU-2024:2190-1","SUSE-SU-2024:2203-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/27xxx/CVE-2024-27393.json"},"references":[{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2024/05/08/4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/037965402a010898d34f4e35327d22c0a95cd51f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/27aa3e4b3088426b7e34584274ad45b5afaf7629"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4143b9479caa29bb2380f3620dcbe16ea84eb3b1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7c1250796b6c262b505a46192f4716b8c6a6a8c6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c8b7b2f158d9d4fb89cd2f68244af154f7549bb4"},{"type":"ADVISORY","url":"http://xenbits.xen.org/xsa/advisory-457.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/27xxx/CVE-2024-27393.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-27393"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"6c5aa6fc4defc2a0977a2c59e4710d50fa1e834c"},{"fixed":"4143b9479caa29bb2380f3620dcbe16ea84eb3b1"},{"fixed":"7c1250796b6c262b505a46192f4716b8c6a6a8c6"},{"fixed":"27aa3e4b3088426b7e34584274ad45b5afaf7629"},{"fixed":"c8b7b2f158d9d4fb89cd2f68244af154f7549bb4"},{"fixed":"037965402a010898d34f4e35327d22c0a95cd51f"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-27393.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}