Description

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in ip6_finish_output2() If skb_expand_head() returns NULL, skb has been freed and associated dst/idev could also have been freed. We need to hold rcu_read_lock() to make sure the dst and associated idev are alive.

INFO

Published Date :

2024-09-04T19:54:34.852Z

Last Modified :

2025-11-03T22:14:34.580Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-44986 vulnerability.

Vendors Products
Debian
  • Debian Linux
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-44986.

URL Resource
https://git.kernel.org/stable/c/3574d28caf9a09756ae87ad1ea096c6f47b6101e cve-icon cve-icon
https://git.kernel.org/stable/c/56efc253196751ece1fc535a5b582be127b0578a cve-icon cve-icon
https://git.kernel.org/stable/c/6ab6bf731354a6fdbaa617d1ec194960db61cf3b cve-icon cve-icon
https://git.kernel.org/stable/c/da273b377ae0d9bd255281ed3c2adb228321687b cve-icon cve-icon
https://git.kernel.org/stable/c/e891b36de161fcd96f12ff83667473e5067b9037 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html cve-icon
https://lore.kernel.org/linux-cve-announce/2024090445-CVE-2024-44986-1197@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-44986 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-44986 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact