CVE-2024-50024

MEDIUM EPSS 17.6%
Published Oct 21, 20241y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Oct 21, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: net: Fix an unsafe loop on the list The kernel may crash when deleting a genetlink family if there are still listeners for that family: Oops: Kernel access of bad area, sig: 11 [#1] ... NIP [c000000000c080bc] netlink_update_socket_mc+0x3c/0xc0 LR [c000000000c0f764] __netlink_clear_multicast_users+0x74/0xc0 Call Trace: __netlink_clear_multicast_users+0x74/0xc0 genl_unregister_family+0xd4/0x2d0 Change the unsafe loop on the list to a safe one, because inside the loop there is an element removal from this list.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
17.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥2.6.32  –  <5.10.227
linuxlinux_kernel*≥5.11  –  <5.15.168
linuxlinux_kernel*≥5.16  –  <6.1.113
linuxlinux_kernel*≥6.2  –  <6.6.57
linuxlinux_kernel*≥6.7  –  <6.11.4
linuxlinux_kernel6.12any
linuxlinux_kernel6.12any

References 10

  • git.kernel.org https://git.kernel.org/stable/c/1cdec792b2450105b1314c5123a9a0452cb2c2f0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1dae9f1187189bc09ff6d25ca97ead711f7e26f9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3be342e0332a7c83eb26fbb22bf156fdca467a5d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/464801a0f6ccb52b21faa33bac6014fd74cc5e10
  • git.kernel.org https://git.kernel.org/stable/c/49f9b726bf2bf3dd2caf0d27cadf4bc1ccf7a7dd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5f03a7f601f33cda1f710611625235dc86fd8a9e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/68ad5da6ca630a276f0a5c924179e57724d00013
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8e0766fcf37ad8eed289dd3853628dd9b01b58b0
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1cdec792b2450105b1314c5123a9a0452cb2c2f0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1dae9f1187189bc09ff6d25ca97ead711f7e26f9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3be342e0332a7c83eb26fbb22bf156fdca467a5d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/49f9b726bf2bf3dd2caf0d27cadf4bc1ccf7a7dd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5f03a7f601f33cda1f710611625235dc86fd8a9e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/68ad5da6ca630a276f0a5c924179e57724d00013
    Patch