{ "threat_severity" : "Moderate", "public_date" : "2024-05-17T00:00:00Z", "bugzilla" : { "description" : "kernel: icmp: prevent possible NULL dereferences from icmp_build_probe()", "id" : "2281247", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2281247" }, "cvss3" : { "cvss3_base_score" : "5.3", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "status" : "verified" }, "cwe" : "CWE-476", "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nicmp: prevent possible NULL dereferences from icmp_build_probe()\nFirst problem is a double call to __in_dev_get_rcu(), because\nthe second one could return NULL.\nif (__in_dev_get_rcu(dev) && __in_dev_get_rcu(dev)->ifa_list)\nSecond problem is a read from dev->ip6_ptr with no NULL check:\nif (!list_empty(&rcu_dereference(dev->ip6_ptr)->addr_list))\nUse the correct RCU API to fix these.\nv2: add missing include ", "A flaw was found in the Linux kernel's ICMP protocol. Under some conditions, a NULL pointer dereference can be triggered due to a missing check, causing a system crash and resulting in a denial of service." ], "statement" : "The Linux kernel as shipped in Red Hat Enterprise Linux 8 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of the Linux kernel.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2024-07-31T00:00:00Z", "advisory" : "RHSA-2024:4928", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-427.28.1.el9_4" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2024-07-31T00:00:00Z", "advisory" : "RHSA-2024:4928", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-427.28.1.el9_4" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date" : "2024-07-15T00:00:00Z", "advisory" : "RHSA-2024:4533", "cpe" : "cpe:/a:redhat:rhel_eus:9.2", "package" : "kernel-0:5.14.0-284.73.1.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date" : "2024-07-15T00:00:00Z", "advisory" : "RHSA-2024:4554", "cpe" : "cpe:/a:redhat:rhel_eus:9.2::nfv", "package" : "kernel-rt-0:5.14.0-284.73.1.rt14.358.el9_2" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:9" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-35857\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35857\nhttps://lore.kernel.org/linux-cve-announce/2024051741-CVE-2024-35857-837c@gregkh/T" ], "name" : "CVE-2024-35857", "mitigation" : { "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "lang" : "en:us" }, "csaw" : false }