Description

In the Linux kernel, the following vulnerability has been resolved: sock_map: fix a NULL pointer dereference in sock_map_link_update_prog() The following race condition could trigger a NULL pointer dereference: sock_map_link_detach(): sock_map_link_update_prog(): mutex_lock(&sockmap_mutex); ... sockmap_link->map = NULL; mutex_unlock(&sockmap_mutex); mutex_lock(&sockmap_mutex); ... sock_map_prog_link_lookup(sockmap_link->map); mutex_unlock(&sockmap_mutex); <continue> Fix it by adding a NULL pointer check. In this specific case, it makes no sense to update a link which is being released.

INFO

Published Date :

2024-11-09T10:15:13.271Z

Last Modified :

2025-10-01T20:17:24.123Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-50260 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-50260.

URL Resource
https://git.kernel.org/stable/c/740be3b9a6d73336f8c7d540842d0831dc7a808b cve-icon cve-icon
https://git.kernel.org/stable/c/9afe35fdda16e09d5bd3c49a68ba8c680dd678bd cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024110940-CVE-2024-50260-db68@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-50260 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-50260 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact