PT-2024-8181 · Linux+9 · Linux Kernel+9

Duoming Zhou

·

Published

2024-03-11

·

Updated

2025-09-29

·

CVE-2024-27046

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The issue is related to a null pointer dereference bug in the nfp fl lag do work() function, which can occur when the physical memory runs out and kmalloc array() returns null. If the acti netdevs is dereferenced, it can cause a null pointer dereference bug. This can lead to a denial of service. A patch has been added to check for allocation failure and reschedule the delayed work if it happens.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2024:4928
ALSA-2025_16880
ALT-PU-2024-7511
BDU:2024-09723
CVE-2024-27046
DLA-3840-1
DLA-3842-1
DSA-5681-1
INFSA-2024_4928
OESA-2024-1677
OESA-2024-1678
OPENSUSE-SU-2024_1644-1
OPENSUSE-SU-2024_1659-1
OPENSUSE-SU-2024_1663-1
RHSA-2024:4928
RHSA-2024:5364
RHSA-2024:5365
RHSA-2024_4928
RLSA-2024:4928
RXSA-2024:4928
SUSE-SU-2024:1643-1
SUSE-SU-2024:1644-1
SUSE-SU-2024:1646-1
SUSE-SU-2024:1659-1
SUSE-SU-2024:1663-1
SUSE-SU-2024:1870-1
SUSE-SU-2024:2135-1
SUSE-SU-2024:2203-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20249-1
USN-6816-1
USN-6817-1
USN-6817-2
USN-6817-3
USN-6820-1
USN-6820-2
USN-6821-1
USN-6821-2
USN-6821-3
USN-6821-4
USN-6828-1
USN-6871-1
USN-6878-1
USN-6892-1
USN-6896-1
USN-6896-2
USN-6896-3
USN-6896-4
USN-6896-5
USN-6919-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu