CVE-2024-26735
ipv6: sr: fix possible use-after-free and null-ptr-deref
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
03 Apr 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In the Linux kernel, the following vulnerability has been resolved:
ipv6: sr: fix possible use-after-free and null-ptr-deref
The pernet operations structure for the subsystem must be registered
before registering the generic netlink family.
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://git.kernel.org/stable/c/02b08db594e8218cfbc0e4680d4331b457968a9bhttps://git.kernel.org/stable/c/5559cea2d5aa3018a5f00dd2aca3427ba09b386bhttps://git.kernel.org/stable/c/65c38f23d10ff79feea1e5d50b76dc7af383c1e6https://git.kernel.org/stable/c/82831e3ff76ef09fb184eb93b79a3eb3fb284f1dhttps://git.kernel.org/stable/c/8391b9b651cfdf80ab0f1dc4a489f9d67386e197https://git.kernel.org/stable/c/91b020aaa1e59bfb669d34c968e3db3d5416bceehttps://git.kernel.org/stable/c/953f42934533c151f440cd32390044d2396b87aahttps://git.kernel.org/stable/c/9e02973dbc6a91e40aa4f5d87b8c47446fbfce44https://lists.debian.org/debian-lts-announce/2024/06/msg00017.htmlhttps://lists.debian.org/debian-lts-announce/2024/06/msg00020.htmlhttps://security.netapp.com/advisory/ntap-20241101-0012/