PT-2024-8312 · Linux+5 · Linux Kernel+5

Mahmoud Adam

·

Published

2024-03-29

·

Updated

2025-02-03

·

CVE-2024-35902

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The vulnerability is related to a possible null dereference in the net/rds component of the Linux kernel. The issue arises when the cp parameter is null, and the code attempts to access cp->cp conn, leading to a null dereference. The vulnerability can be exploited to cause a denial of service. The cp parameter is not reassigned and is passed as null by certain call-sites, including rds get mr() and rds get mr for dest(). The code modified by the patch is guarded by IS ERR(trans private), where trans private is assigned based on the get mr() function, which can return an error pointer if the connection argument is null.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2024-09865
CVE-2024-35902
DLA-3840-1
DLA-3842-1
OESA-2024-1765
OPENSUSE-SU-2024_3190-1
OPENSUSE-SU-2024_3209-1
OPENSUSE-SU-2024_3483-1
SUSE-SU-2024:3190-1
SUSE-SU-2024:3194-1
SUSE-SU-2024:3195-1
SUSE-SU-2024:3209-1
SUSE-SU-2024:3383-1
SUSE-SU-2024:3483-1
SUSE-SU-2025:20044-1
SUSE-SU-2025:20047-1
USN-6893-1
USN-6893-2
USN-6893-3
USN-6898-1
USN-6898-2
USN-6898-3
USN-6898-4
USN-6917-1
USN-6918-1
USN-6927-1
USN-7019-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu