{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T08:43:44.612","vulnerabilities":[{"cve":{"id":"CVE-2024-50190","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-11-08T06:15:15.957","lastModified":"2025-10-01T21:16:01.390","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix memleak in ice_init_tx_topology()\n\nFix leak of the FW blob (DDP pkg).\n\nMake ice_cfg_tx_topo() const-correct, so ice_init_tx_topology() can avoid\ncopying whole FW blob. Copy just the topology section, and only when\nneeded. Reuse the buffer allocated for the read of the current topology.\n\nThis was found by kmemleak, with the following trace for each PF:\n    [<ffffffff8761044d>] kmemdup_noprof+0x1d/0x50\n    [<ffffffffc0a0a480>] ice_init_ddp_config+0x100/0x220 [ice]\n    [<ffffffffc0a0da7f>] ice_init_dev+0x6f/0x200 [ice]\n    [<ffffffffc0a0dc49>] ice_init+0x29/0x560 [ice]\n    [<ffffffffc0a10c1d>] ice_probe+0x21d/0x310 [ice]\n\nConstify ice_cfg_tx_topo() @buf parameter.\nThis cascades further down to few more functions."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ice: se corrige la pérdida de memoria en ice_init_tx_topology() Se corrige la pérdida del blob de FW (paquete DDP). Se hace que ice_cfg_tx_topo() sea constante y correcto, de modo que ice_init_tx_topology() pueda evitar copiar todo el blob de FW. Se copia solo la sección de topología y solo cuando es necesario. Se reutiliza el búfer asignado para la lectura de la topología actual. Esto fue encontrado por kmemleak, con el siguiente rastro para cada PF: [] kmemdup_noprof+0x1d/0x50 [] ice_init_ddp_config+0x100/0x220 [ice] [] ice_init_dev+0x6f/0x200 [ice] [] ice_init+0x29/0x560 [ice] [] ice_probe+0x21d/0x310 [ice] Parámetros de conversión de ice_cfg_tx_topo() @buf. Esto se aplica en cascada a algunas funciones más."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.10","versionEndExcluding":"6.11.4","matchCriteriaId":"2ADD5DBE-B520-479C-9FCD-6C8FA848E789"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*","matchCriteriaId":"7F361E1D-580F-4A2D-A509-7615F73167A1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*","matchCriteriaId":"925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/43544b4e30732c3d88f423252281915d5bc739b6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c188afdc36113760873ec78cbc036f6b05f77621","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}