CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-47708

In the Linux kernel, the following vulnerability has been resolved: netkit: Assign missing bpf_net_context During the introduction of struct bpf_net_context handling for XDP-redirect, the netkit driver has been missed, which also requires it because NETKIT_REDIRECT invokes skb_do_redirect() which is accessing the per-CPU variables. Otherwise we see the following crash: BUG: kernel NULL pointer dereference, address: 0000000000000038 bpf_redirect() netkit_xmit() dev_hard_start_xmit() Set the bpf_net_context before invoking netkit_xmit() program within the netkit driver.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 15.9%

CVSS Severity

CVSS v3 Score 5.5

References

https://git.kernel.org/stable/c/157f29152b61ca41809dd7ead29f5733adeced19
https://git.kernel.org/stable/c/182c6fed8c7f62cddce0126ec1fc0da2b700fb11

Products affected by CVE-2024-47708

Linux » Linux Kernel » Version: 6.11

cpe:2.3:o:linux:linux_kernel:6.11
Linux » Linux Kernel » Version: 6.11.1

cpe:2.3:o:linux:linux_kernel:6.11.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-47708

Products

Pricing

Contact Us