CVE-2024-26735 : In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: f

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations structure for the subsystem must be registered before registering the generic netlink family.

Published 2024-04-03 17:15:51

Updated 2025-03-17 16:05:02

Source Linux

View at NVD, CVE.org

Vulnerability category: Memory Corruption

Products affected by CVE-2024-26735

Debian » Debian Linux » Version: 10.0
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.11 and before (<) 5.15.150
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 6.7 and before (<) 6.7.7
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.16 and before (<) 6.1.80
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.20 and before (<) 5.4.270
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.5 and before (<) 5.10.211
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 6.2 and before (<) 6.6.19
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.10 and before (<) 4.19.308
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 6.8 Update RC1
cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 6.8 Update RC2
cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 6.8 Update RC3
cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 6.8 Update RC4
cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 6.8 Update RC5
cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*
Matching versions
Netapp » E-series Santricity Os Controller
Versions from including (>=) 11.0.0 and up to, including, (<=) 11.70.2
cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
Matching versions
Netapp » H610s Firmware » Version: N/A
cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H610s
Netapp » H610c Firmware » Version: N/A
cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H610c
Netapp » H615c Firmware » Version: N/A
cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » H615c
Netapp » 8300 Firmware » Version: N/A
cpe:2.3:o:netapp:8300_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » 8300
Netapp » 8700 Firmware » Version: N/A
cpe:2.3:o:netapp:8700_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » 8700
Netapp » A400 Firmware » Version: N/A
cpe:2.3:o:netapp:a400_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » A400
Netapp » C400 Firmware » Version: N/A
cpe:2.3:o:netapp:c400_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » C400

Exploit prediction scoring system (EPSS) score for CVE-2024-26735

EPSS FAQ

0.06%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 18 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2024-26735

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	1.8	3.6	134c704f-9b21-4f2e-91b3-4a467353bcc0	2024-10-31
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	1.8	3.6	NIST	2025-03-17
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2024-26735

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
Assigned by:
- 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
- nvd@nist.gov (Primary)
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2024-26735

https://git.kernel.org/stable/c/953f42934533c151f440cd32390044d2396b87aa

ipv6: sr: fix possible use-after-free and null-ptr-deref - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/91b020aaa1e59bfb669d34c968e3db3d5416bcee

ipv6: sr: fix possible use-after-free and null-ptr-deref - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/02b08db594e8218cfbc0e4680d4331b457968a9b

ipv6: sr: fix possible use-after-free and null-ptr-deref - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/9e02973dbc6a91e40aa4f5d87b8c47446fbfce44

ipv6: sr: fix possible use-after-free and null-ptr-deref - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

[SECURITY] [DLA 3840-1] linux security update
Mailing List

CVEs referencing this url
https://git.kernel.org/stable/c/82831e3ff76ef09fb184eb93b79a3eb3fb284f1d

ipv6: sr: fix possible use-after-free and null-ptr-deref - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://security.netapp.com/advisory/ntap-20241101-0012/

CVE-2024-26735 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security
Third Party Advisory
https://git.kernel.org/stable/c/5559cea2d5aa3018a5f00dd2aca3427ba09b386b

ipv6: sr: fix possible use-after-free and null-ptr-deref - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/65c38f23d10ff79feea1e5d50b76dc7af383c1e6

ipv6: sr: fix possible use-after-free and null-ptr-deref - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

[SECURITY] [DLA 3842-1] linux-5.10 security update
Mailing List

CVEs referencing this url
https://git.kernel.org/stable/c/8391b9b651cfdf80ab0f1dc4a489f9d67386e197

ipv6: sr: fix possible use-after-free and null-ptr-deref - kernel/git/stable/linux.git - Linux kernel stable tree
Patch

Jump to

Vulnerability Details : CVE-2024-26735

Products affected by CVE-2024-26735

Exploit prediction scoring system (EPSS) score for CVE-2024-26735

CVSS scores for CVE-2024-26735

CWE ids for CVE-2024-26735

References for CVE-2024-26735