{"id":"CVE-2024-56600","summary":"net: inet6: do not leave a dangling sk pointer in inet6_create()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: inet6: do not leave a dangling sk pointer in inet6_create()\n\nsock_init_data() attaches the allocated sk pointer to the provided sock\nobject. If inet6_create() fails later, the sk object is released, but the\nsock object retains the dangling sk pointer, which may cause use-after-free\nlater.\n\nClear the sock sk pointer on error.","modified":"2026-04-02T12:24:54.513447Z","published":"2024-12-27T14:51:06.610Z","related":["MGASA-2025-0030","MGASA-2025-0032","SUSE-SU-2025:0428-1","SUSE-SU-2025:0499-1","SUSE-SU-2025:0555-1","SUSE-SU-2025:0556-1","SUSE-SU-2025:0557-1","SUSE-SU-2025:0564-1","SUSE-SU-2025:0565-1","SUSE-SU-2025:0576-1","SUSE-SU-2025:0577-1","SUSE-SU-2025:0577-2","SUSE-SU-2025:0603-1","SUSE-SU-2025:0771-1","SUSE-SU-2025:0867-1","SUSE-SU-2025:1207-1","SUSE-SU-2025:1213-1","SUSE-SU-2025:1214-1","SUSE-SU-2025:1225-1","SUSE-SU-2025:1231-1","SUSE-SU-2025:1232-1","SUSE-SU-2025:1236-1","SUSE-SU-2025:1238-1","SUSE-SU-2025:1248-1","SUSE-SU-2025:1252-1","SUSE-SU-2025:1254-1","SUSE-SU-2025:1257-1","SUSE-SU-2025:1259-1","SUSE-SU-2025:1260-1","SUSE-SU-2025:1262-1","SUSE-SU-2025:1275-1","SUSE-SU-2025:1276-1","SUSE-SU-2025:1278-1","SUSE-SU-2025:20165-1","SUSE-SU-2025:20166-1","SUSE-SU-2025:20187-1","SUSE-SU-2025:20191-1","SUSE-SU-2025:20248-1","SUSE-SU-2025:20249-1","SUSE-SU-2025:20284-1","SUSE-SU-2025:20341-1","SUSE-SU-2025:20369-1","SUSE-SU-2025:4123-1","USN-7379-2","USN-7380-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56600.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/276a473c956fb55a6f3affa9ff232e10fffa7b43"},{"type":"WEB","url":"https://git.kernel.org/stable/c/35360255ca30776dee34d9fa764cffa24d0a5f65"},{"type":"WEB","url":"https://git.kernel.org/stable/c/706b07b7b37f886423846cb38919132090bc40da"},{"type":"WEB","url":"https://git.kernel.org/stable/c/79e16a0d339532ea832d85798eb036fc4f9e0cea"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9df99c395d0f55fb444ef39f4d6f194ca437d884"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f2709d1271cfdf55c670ab5c5982139ab627ddc7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f44fceb71d72d29fb00e0ac84cdf9c081b03cd06"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56600.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56600"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2"},{"fixed":"f2709d1271cfdf55c670ab5c5982139ab627ddc7"},{"fixed":"35360255ca30776dee34d9fa764cffa24d0a5f65"},{"fixed":"276a473c956fb55a6f3affa9ff232e10fffa7b43"},{"fixed":"79e16a0d339532ea832d85798eb036fc4f9e0cea"},{"fixed":"706b07b7b37f886423846cb38919132090bc40da"},{"fixed":"f44fceb71d72d29fb00e0ac84cdf9c081b03cd06"},{"fixed":"9df99c395d0f55fb444ef39f4d6f194ca437d884"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-56600.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}