CVE-2024-26744 — NULL Pointer Dereference in Linux
Severity
5.5MEDIUMNVD
OSV7.0OSV6.5
EPSS
0.0%
top 99.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 3
Latest updateJul 26
Description
In the Linux kernel, the following vulnerability has been resolved:
RDMA/srpt: Support specifying the srpt_service_guid parameter
Make loading ib_srpt with this parameter set work. The current behavior is
that setting that parameter while loading the ib_srpt kernel module
triggers the following kernel crash:
BUG: kernel NULL pointer dereference, address: 0000000000000000
Call Trace:
parse_one+0x18c/0x1d0
parse_args+0xe1/0x230
load_module+0x8de/0xa60
init_module_from_file+0x8b/0xd0
idempotent…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages5 packages
▶CVEListV5linux/linuxa42d985bd5b234da8b61347a78dc3057bf7bb94d — 84f1dac960cfa210a3b7a7522e6c2320ae91932b+8
Also affects: Debian Linux 10.0
Patches
🔴Vulnerability Details
12📋Vendor Advisories
12💬Community
1Bugzilla
▶