PT-2024-32738 · Linux+7 · Linux Kernel+7

Josh Hunt

·

Published

2024-09-10

·

Updated

2025-11-18

·

CVE-2024-47684

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.58
Description A null pointer dereference vulnerability has been resolved in the Linux kernel. The issue occurs in the tcp rearm rto() function, which is called from the tcp send loss probe() and tcp write timer handler() functions. The vulnerability can cause a kernel crash when a null pointer is dereferenced. The issue was initially found in the TLP path, but later also seen in the RACK case. The vulnerability is caused by a null skb pointer being passed to the tcp rto delta us() function.
Recommendations To resolve the issue, update the Linux kernel to version 6.6.58 or later. For versions prior to 6.6.58, consider disabling the tcp rearm rto() function as a temporary workaround until a patch is available.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-14046
ALT-PU-2024-14268
ALT-PU-2024-14270
ALT-PU-2024-14503
ALT-PU-2024-15739
ALT-PU-2024-16172
AZL-50659
AZL-50694
BDU:2025-03297
CVE-2024-47684
DLA-4008-1
DLA-4075-1
MGASA-2024-0344
MGASA-2024-0345
OESA-2024-2321
OESA-2024-2322
OESA-2024-2324
OESA-2024-2325
OESA-2025-1034
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2024_3983-1
OPENSUSE-SU-2024_3984-1
OPENSUSE-SU-2024_3985-1
OPENSUSE-SU-2024_3986-1
OPENSUSE-SU-2024_4131-1
OPENSUSE-SU-2024_4140-1
OPENSUSE-SU-2025:14705-1
OPENSUSE-SU-2025_0449-1
OPENSUSE-SU-2025_0452-1
OPENSUSE-SU-2025_0455-1
OPENSUSE-SU-2025_0462-1
OPENSUSE-SU-2025_0465-1
OPENSUSE-SU-2025_0476-1
OPENSUSE-SU-2025_0486-1
OPENSUSE-SU-2025_0487-1
OPENSUSE-SU-2025_0489-1
OPENSUSE-SU-2025_0494-1
SUSE-SU-2024:3983-1
SUSE-SU-2024:3984-1
SUSE-SU-2024:3985-1
SUSE-SU-2024:3986-1
SUSE-SU-2024:4081-1
SUSE-SU-2024:4082-1
SUSE-SU-2024:4100-1
SUSE-SU-2024:4103-1
SUSE-SU-2024:4131-1
SUSE-SU-2024:4140-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4364-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:0034-1
SUSE-SU-2025:0410-1
SUSE-SU-2025:0426-1
SUSE-SU-2025:0440-1
SUSE-SU-2025:0449-1
SUSE-SU-2025:0452-1
SUSE-SU-2025:0455-1
SUSE-SU-2025:0462-1
SUSE-SU-2025:0465-1
SUSE-SU-2025:0476-1
SUSE-SU-2025:0486-1
SUSE-SU-2025:0487-1
SUSE-SU-2025:0489-1
SUSE-SU-2025:0494-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20186-1
SUSE-SU-2025:20188-1
SUSE-SU-2025:20189-1
SUSE-SU-2025:20191-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
SUSE-SU-2025:20285-1
SUSE-SU-2025:4123-1
USN-7166-1
USN-7166-2
USN-7166-3
USN-7166-4
USN-7186-1
USN-7186-2
USN-7194-1
USN-7276-1
USN-7277-1
USN-7293-1
USN-7294-1
USN-7294-2
USN-7294-3
USN-7294-4
USN-7295-1
USN-7301-1
USN-7303-1
USN-7303-2
USN-7303-3
USN-7304-1
USN-7310-1
USN-7311-1
USN-7384-1
USN-7384-2
USN-7385-1
USN-7386-1
USN-7393-1
USN-7401-1
USN-7403-1
USN-7413-1
USN-7468-1
USN-7539-1
USN-7540-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu