Products
Linux kernel
linux_kernel
- *
linux_kernel
- 6
- .
- 1
- 1
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Tags
CVE-2024-46677 details
Last Modified : Sept. 13, 2024, 4:51 p.m.
Description
In the Linux kernel, the following vulnerability has been resolved: gtp: fix a potential NULL pointer dereference When sockfd_lookup() fails, gtp_encap_enable_socket() returns a NULL pointer, but its callers only check for error pointers thus miss the NULL pointer case. Fix it by returning an error pointer with the error code carried from sockfd_lookup(). (I found this bug during code inspection.)
CVSS Score
| 1 | 2 | 3 | 4 | 5.5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|---|---|
| CWE-476 | NULL Pointer Dereference | A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. |
CVSS Data
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
Base Score
5.5
Exploitability Score
1.8
Impact Score
3.6
Base Severity
MEDIUM
Vector String : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References
| URL | Source |
|---|---|
| https://git.kernel.org/stable/c/28c67f0f84f889fe9f4cbda8354132b20dc9212d | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/4643b91691e969b1b9ad54bf552d7a990cfa3b87 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/612edd35f2a3910ab1f61c1f2338889d4ba99fa2 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/620fe9809752fae91b4190e897b81ed9976dfb39 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/8bbb9e4e0e66a39282e582d0440724055404b38c | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/bdd99e5f0ad5fa727b16f2101fe880aa2bff2f8e | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/defd8b3c37b0f9cb3e0f60f47d3d78d459d57fda | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/e8b9930b0eb045d19e883c65ff9676fc89320c70 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CPEs
| Type | Vendor | Product | Version | Update | Edition | Language | Software Edition | Target Software | Target Hardware | Other Information |
|---|---|---|---|---|---|---|---|---|---|---|
| o | linux | linux_kernel | / | / | / | / | / | / | / | / |
| o | linux | linux_kernel | / | / | / | / | / | / | / | / |
| o | linux | linux_kernel | / | / | / | / | / | / | / | / |
| o | linux | linux_kernel | / | / | / | / | / | / | / | / |
| o | linux | linux_kernel | / | / | / | / | / | / | / | / |
| o | linux | linux_kernel | / | / | / | / | / | / | / | / |
| o | linux | linux_kernel | / | / | / | / | / | / | / | / |
| o | linux | linux_kernel | 6.11 | rc1 | / | / | / | / | / | / |
| o | linux | linux_kernel | 6.11 | rc2 | / | / | / | / | / | / |
| o | linux | linux_kernel | 6.11 | rc3 | / | / | / | / | / | / |
| o | linux | linux_kernel | 6.11 | rc4 | / | / | / | / | / | / |
| o | linux | linux_kernel | 6.11 | rc5 | / | / | / | / | / | / |