CVE-2024-47693 - Incomplete Cleanup

Severity

65%

Complexity

27%

Confidentiality

60%

CVSS 3.1 Base Score 6.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Demo Examples

Incomplete Cleanup

CWE-459

Stream resources in a Java application should be released in a finally block, otherwise an exception thrown before the call to close() would result in an unreleased I/O resource. In the example below, the close() method is called in the try block (incorrect).


               
}
is.close();
log.error("Something bad happened: " + t.getMessage());

Overview

First reported 4 months ago

2024-10-21 12:15:00

Last updated 3 months ago

2024-10-23 21:18:00

Affected Software

Linux Kernel

References

https://git.kernel.org/stable/c/1730d47d1865af89efd01cf0469a9a739cbf60f2

https://git.kernel.org/stable/c/45f63f4bb9a7128a6209d766c2fc02b3d42fbf3e

https://git.kernel.org/stable/c/d08754be993f270e3d296d8f5d8e071fe6638651

https://git.kernel.org/stable/c/af633fd9d9fff59e31c804f47ca0c8a784977773

https://git.kernel.org/stable/c/290fe42fe0165205c4451334d8833a9202ae1d52

https://git.kernel.org/stable/c/1403c8b14765eab805377dd3b75e96ace8747aed

https://git.kernel.org/stable/c/1730d47d1865af89efd01cf0469a9a739cbf60f2

Patch

https://git.kernel.org/stable/c/45f63f4bb9a7128a6209d766c2fc02b3d42fbf3e

Patch

https://git.kernel.org/stable/c/d08754be993f270e3d296d8f5d8e071fe6638651

Patch

https://git.kernel.org/stable/c/af633fd9d9fff59e31c804f47ca0c8a784977773

Patch

https://git.kernel.org/stable/c/290fe42fe0165205c4451334d8833a9202ae1d52

Patch

https://git.kernel.org/stable/c/1403c8b14765eab805377dd3b75e96ace8747aed

Patch

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.