CVE-2024-36946

MEDIUM

Linux Kernel Use-After-Free in Phonet Route Notification

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: phonet: fix rtm_phonet_notify() skb allocation fill_route() stores three components in the skb: - struct rtmsg - RTA_DST (u8) - RTA_OIF (u32) Therefore, rtm_phonet_notify() should use NLMSG_ALIGN(sizeof(struct rtmsg)) + nla_total_size(1) + nla_total_size(4)

References (11)

Core 11

Core References

Third Party Advisory

https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html

Third Party Advisory

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Third Party Advisory

https://security.netapp.com/advisory/ntap-20241004-0002/

Patch

https://git.kernel.org/stable/c/ec1f71c05caeba0f814df77e0f511d8b4618623a

Patch

https://git.kernel.org/stable/c/dc6beac059f0331de97155a89d84058d4a9e49c7

Patch

https://git.kernel.org/stable/c/f085e02f0a32f6dfcfabc6535c9c4a1707cef86b

Patch

https://git.kernel.org/stable/c/4ff334cade9dae50e4be387f71e94fae634aa9b4

Patch

https://git.kernel.org/stable/c/728a83160f98ee6b60df0d890141b9b7240182fe

Patch

https://git.kernel.org/stable/c/ee9e39a6cb3ca2a3d35b4ae25547ee3526a44d00

Patch

https://git.kernel.org/stable/c/9a77226440008cf04ba68faf641a2d50f4998137

Patch

https://git.kernel.org/stable/c/d8cac8568618dcb8a51af3db1103e8d4cc4aeea7

Scores

CVSS v3 5.5

EPSS 0.0003

EPSS Percentile 7.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-401

Status published

Products (28)

debian/debian_linux 10.0

linux/Kernel 2.6.33 - 4.19.314linux

linux/Kernel 4.20.0 - 5.4.276linux

linux/Kernel 5.11.0 - 5.15.159linux

linux/Kernel 5.16.0 - 6.1.91linux

linux/Kernel 5.5.0 - 5.10.217linux

linux/Kernel 6.2.0 - 6.6.31linux

linux/Kernel 6.7.0 - 6.8.10linux

Linux/Linux < 2.6.33

Linux/Linux 2.6.33

... and 18 more

Published May 30, 2024

Tracked Since Feb 18, 2026