PT-2024-33826 · Linux+5 · Linux Kernel+5

Kuan-Wei Chiu

·

Published

2024-10-21

·

Updated

2026-05-26

·

CVE-2024-49987

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58
Description: The issue arises from the bpftool in the Linux kernel, where qsort is called with a NULL pointer when netfilter has no entry to display, resulting in undefined behavior. This is reported by UBSan as a runtime error due to a null pointer being passed as an argument. The C standard implies that passing invalid arguments, including null pointers, to functions leads to undefined behavior. To mitigate this, an early return is added when nf link info is NULL to prevent calling qsort with a NULL pointer.
Recommendations: For Linux kernel versions prior to 6.6.58, update to version 6.6.58 or later to resolve the issue. As a temporary workaround, consider modifying the code to add an early return when nf link info is NULL to prevent calling qsort with a NULL pointer.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-14046
AZL-51768
BDU:2025-07986
CVE-2024-49987
ECHO-7F43-A8C2-FC48
MGASA-2024-0344
MGASA-2024-0345
OESA-2025-1097
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2024_4157-1
OPENSUSE-SU-2024_4314-1
OPENSUSE-SU-2024_4316-1
OPENSUSE-SU-2025:14705-1
SUSE-SU-2024:4157-1
SUSE-SU-2024:4314-1
SUSE-SU-2024:4316-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4387-1
SUSE-SU-2024_4157-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-7276-1
USN-7277-1
USN-7301-1
USN-7303-1
USN-7303-2
USN-7303-3
USN-7304-1
USN-7310-1
USN-7311-1
USN-7384-1
USN-7384-2
USN-7385-1
USN-7386-1
USN-7403-1
USN-7468-1

Affected Products

Alt Linux
Debian
Linuxmint
Linux Kernel
Suse
Ubuntu