Linux · Linux Kernel · CVE-2024-50260
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
A NULL pointer dereference issue has been identified in the Linux kernel, specifically in the `sock map link update prog()` function. This issue can be triggered by a race condition between `sock map link detach()` and `sock map link update prog()`, where `sockmap link->map` is set to NULL while still being used. The problem is resolved by adding a NULL pointer check, as it does not make sense to update a link that is being released.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.