#VU94246 NULL pointer dereference in Linux kernel - CVE-2024-40959

Vulnerability identifier: #VU94246

Vulnerability risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-40959

CWE-ID: CWE-476

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the xfrm6_get_saddr() function in net/ipv6/xfrm6_policy.c. A local user can perform a denial of service (DoS) attack.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions

---

External links
https://git.kernel.org/stable/c/c71761292d4d002a8eccb57b86792c4e3b3eb3c7
https://git.kernel.org/stable/c/caf0bec84c62fb1cf6f7c9f0e8c857c87f8adbc3
https://git.kernel.org/stable/c/20427b85781aca0ad072851f6907a3d4b2fed8d1
https://git.kernel.org/stable/c/9f30f1f1a51d91e19f5a09236bb0b59e6a07ad08
https://git.kernel.org/stable/c/83c02fb2cc0afee5bb53cddf3f34f045f654ad6a
https://git.kernel.org/stable/c/f897d7171652fcfc76d042bfec798b010ee89e41
https://git.kernel.org/stable/c/600a62b4232ac027f788c3ca395bc2333adeaacf
https://git.kernel.org/stable/c/d46401052c2d5614da8efea5788532f0401cb164

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.