CVE-2024-46782

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.52

Description The issue is related to the ila xlat exit net() function, which frees the rhashtable and then calls nf unregister net hooks(). This should be done in the reverse order, with a synchronize rcu(). The vulnerability can be exploited to impact the confidentiality, integrity, and availability of protected information. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.

Recommendations To resolve the issue, update the Linux kernel to version 6.6.52 or later. As a temporary workaround, consider disabling the ila xlat exit net() function until a patch is available. Restrict access to the vulnerable module net/ipv6/ila/ila xlat.c to minimize the risk of exploitation. Avoid using the rhashtable parameter in the affected API endpoint until the issue is resolved.