CVE-2024-26754: Use After Free in Linux

Severity
7.8 HIGH (NVD)
OSV 7.0 | OSV 6.5 | OSV 5.5
EPSS
0.0%
top 97.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Apr 3
Latest update: Aug 14

Description

In the Linux kernel, the following vulnerability has been resolved:

gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp()

The gtp_net_ops pernet operations structure for the subsystem must be registered before registering the generic netlink family.

Syzkaller hit 'general protection fault in gtp_genl_dump_pdp' bug:

general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] PREEMPT SMP KASAN NOPTI
KASAN: null-ptr-deref in range [0x0000000000000010-0

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (5 packages)

NVD | linux/linux_kernel | 4.7 | 4.19.308 | +7
Debian | linux/linux_kernel | < 5.10.216-1 | +3
Ubuntu | linux/linux_kernel | < 5.4.0-186.206 | +2
CVEListV5 | linux/linux | 459aa660eb1d8ce67080da1983bb81d716aa5a69 | f0ecdfa679189d26aedfe24212d4e69e42c2c861 | +8
debian | debian/linux | < linux 6.1.82-1 (bookworm)

Also affects: Debian Linux 10.0

Patches

🔴 Vulnerability Details (16)

OSV: linux-azure vulnerabilities (2024-10-17)
OSV: linux, linux-aws, linux-aws-hwe, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities (2024-10-15)
OSV: linux-raspi vulnerabilities (2024-07-26)
OSV: linux-ibm-5.15 vulnerabilities (2024-07-10)
OSV: linux-hwe-5.15 vulnerabilities (2024-07-04)

📋 Vendor Advisories (16)

CISA ICS: Siemens SINEC OS (2025-08-14)
Ubuntu: Linux kernel (Azure) vulnerabilities (2024-10-17)
Ubuntu: Linux kernel vulnerabilities (2024-10-15)
Ubuntu: Linux kernel vulnerabilities (2024-07-26)
Ubuntu: Linux kernel (IBM) vulnerabilities (2024-07-10)

💬 Community (1)

Bugzilla: CVE-2024-26754 kernel: gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() (2024-04-04)