CVE-2024-39490

6.2 MEDIUM

📋 TL;DR

A memory leak vulnerability exists in the Linux kernel's IPv6 Segment Routing (SRv6) implementation. When processing SRv6 packets, if skb_cow_head() fails due to insufficient headroom, the kernel does not release the sk_buff, causing a memory leak. This affects all Linux systems with IPv6 SRv6 enabled.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions between commit af3b5158b89d and the fix commits
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if IPv6 Segment Routing (SRv6) is enabled. Most default configurations do not enable SRv6.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker could send specially crafted IPv6 SRv6 packets to trigger repeated memory allocation failures, leading to kernel memory exhaustion, system instability, and potential denial of service.

🟠 Likely Case

Memory leak leading to gradual performance degradation over time, potentially causing system crashes or service interruptions under sustained attack.

🟢 If Mitigated

Minimal impact if SRv6 is disabled or systems are patched; memory leak would be contained to specific network conditions.

🌐 Internet-Facing: MEDIUM - Requires IPv6 connectivity and SRv6 enabled; attackers need network access but exploit is straightforward.
🏢 Internal Only: LOW - Requires internal network access and SRv6 configuration; lower exposure surface.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires sending IPv6 packets with SRH to a vulnerable system with SRv6 enabled. No authentication needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 5447f9708d9e4c17a647b16a9cb29e9e02820bd9, 8f1fc3b86eaea70be6abcae2e9aa7e7b99453864, e8688218e38111ace457509d8f0cad75f79c1a7a, f4df8c7670a73752201cbde215254598efdf6ce8, f5fec1588642e415a3d72e02140160661b303940

Vendor Advisory: https://git.kernel.org/stable/c/5447f9708d9e4c17a647b16a9cb29e9e02820bd9

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits.
2. Reboot system to load new kernel.
3. Verify SRv6 functionality if required.

🔧 Temporary Workarounds

Disable IPv6 Segment Routing

Disable SRv6 functionality to prevent exploitation

sysctl -w net.ipv6.conf.all.seg6_enabled=0
sysctl -w net.ipv6.conf.default.seg6_enabled=0

🧯 If You Can't Patch

  • Disable IPv6 Segment Routing via sysctl
  • Implement network filtering to block SRv6 packets at perimeter

🔍 How to Verify

Check if Vulnerable:

Check kernel version and verify if SRv6 is enabled: sysctl net.ipv6.conf.all.seg6_enabled

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits and SRv6 functionality works without memory leaks
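
The check above reads only the `all` entry. The following added example (not part of the original advisory) audits `seg6_enabled` for every interface entry. The function names and the overridable conf root are hypothetical, and it assumes the kernel's SRH receive path honours the lower of the `all` value and the per-interface value.

```sh
#!/bin/sh
# Audit seg6_enabled across all IPv6 interface entries.
# The conf root is a parameter so the check can run against a constructed tree.

# seg6_value DIR: print the seg6_enabled value found in DIR, or 0 if absent.
seg6_value() {
    if [ -r "$1/seg6_enabled" ]; then
        tr -d '[:space:]' < "$1/seg6_enabled"
    else
        echo 0
    fi
}

# seg6_exposed_ifaces [CONF_ROOT]: print each interface that accepts SRH packets.
seg6_exposed_ifaces() {
    root="${1:-/proc/sys/net/ipv6/conf}"
    all=$(seg6_value "$root/all")
    # Assumption: the effective setting is the lower of conf/all and the
    # per-interface value, so all=0 disables SRH processing everywhere.
    if ! [ "$all" -ne 0 ] 2>/dev/null; then
        return 0
    fi
    for dir in "$root"/*/; do
        name=$(basename "$dir")
        case "$name" in all|default) continue ;; esac
        if [ "$(seg6_value "$dir")" -ne 0 ] 2>/dev/null; then
            echo "$name"
        fi
    done
    return 0
}

# seg6_audit [CONF_ROOT]: return 0 when nothing is exposed, 1 otherwise.
seg6_audit() {
    exposed=$(seg6_exposed_ifaces "$1")
    if [ -z "$exposed" ]; then
        echo "seg6_enabled: no interface accepts SRH packets"
        return 0
    fi
    echo "seg6_enabled is active on: $(echo "$exposed" | tr '\n' ' ')"
    echo "kernel: $(uname -r) (compare against your distribution's fixed version)"
    return 1
}
```

Source the file and run `seg6_audit` with no argument to inspect the live system; a non-zero return means at least one interface still has SRv6 processing enabled.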

📡 Detection & Monitoring

Log Indicators:

  • Kernel oom-killer events
  • Memory allocation failures in kernel logs
  • System performance degradation

Network Indicators:

  • Unusual IPv6 SRv6 traffic patterns
  • Repeated SRH packet transmissions

SIEM Query:

source="kernel" AND ("oom" OR "memory allocation failure" OR "seg6")
