Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2024-26663 |
CWE-ID | CWE-476 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
Linux kernel Operating systems & Components / Operating system |
Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU92073
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26663
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the tipc_nl_bearer_add() function in net/tipc/bearer.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: All versions
External linkshttp://git.kernel.org/stable/c/24ec8f0da93b8a9fba11600be8a90f0d73fb46f1
http://git.kernel.org/stable/c/6f70f0b412458c622a12d4292782c8e92e210c2f
http://git.kernel.org/stable/c/19d7314f2fb9515bdaac9829d4d8eb34edd1fe95
http://git.kernel.org/stable/c/c1701ea85ef0ec7be6a1b36c7da69f572ed2fd12
http://git.kernel.org/stable/c/3d3a5b31b43515b5752ff282702ca546ec3e48b6
http://git.kernel.org/stable/c/888e3524be87f3df9fa3c083484e4b62b3e3bb59
http://git.kernel.org/stable/c/0cd331dfd6023640c9669d0592bc0fd491205f87
http://git.kernel.org/stable/c/3871aa01e1a779d866fa9dfdd5a836f342f4eb87
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.