CVE - CVE-2024-46677

CVE-ID
CVE-2024-46677	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: gtp: fix a potential NULL pointer dereference When sockfd_lookup() fails, gtp_encap_enable_socket() returns a NULL pointer, but its callers only check for error pointers thus miss the NULL pointer case. Fix it by returning an error pointer with the error code carried from sockfd_lookup(). (I found this bug during code inspection.)
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/28c67f0f84f889fe9f4cbda8354132b20dc9212d URL:https://git.kernel.org/stable/c/28c67f0f84f889fe9f4cbda8354132b20dc9212d MISC:https://git.kernel.org/stable/c/4643b91691e969b1b9ad54bf552d7a990cfa3b87 URL:https://git.kernel.org/stable/c/4643b91691e969b1b9ad54bf552d7a990cfa3b87 MISC:https://git.kernel.org/stable/c/612edd35f2a3910ab1f61c1f2338889d4ba99fa2 URL:https://git.kernel.org/stable/c/612edd35f2a3910ab1f61c1f2338889d4ba99fa2 MISC:https://git.kernel.org/stable/c/620fe9809752fae91b4190e897b81ed9976dfb39 URL:https://git.kernel.org/stable/c/620fe9809752fae91b4190e897b81ed9976dfb39 MISC:https://git.kernel.org/stable/c/8bbb9e4e0e66a39282e582d0440724055404b38c URL:https://git.kernel.org/stable/c/8bbb9e4e0e66a39282e582d0440724055404b38c MISC:https://git.kernel.org/stable/c/bdd99e5f0ad5fa727b16f2101fe880aa2bff2f8e URL:https://git.kernel.org/stable/c/bdd99e5f0ad5fa727b16f2101fe880aa2bff2f8e MISC:https://git.kernel.org/stable/c/defd8b3c37b0f9cb3e0f60f47d3d78d459d57fda URL:https://git.kernel.org/stable/c/defd8b3c37b0f9cb3e0f60f47d3d78d459d57fda MISC:https://git.kernel.org/stable/c/e8b9930b0eb045d19e883c65ff9676fc89320c70 URL:https://git.kernel.org/stable/c/e8b9930b0eb045d19e883c65ff9676fc89320c70
Assigning CNA
kernel.org
Date Record Created
20240911	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240911)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.