CVE-2024-44990

Summary

In the Linux kernel, the following vulnerability has been resolved:

bonding: fix null pointer deref in bond_ipsec_offload_ok

We must check if there is an active slave before dereferencing the pointer.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux18cb261afd7bf50134e5ccacc5ec91ea16efadd4 < 81216b9352be43f8958092d379f6dec85443c309affected
LinuxLinux18cb261afd7bf50134e5ccacc5ec91ea16efadd4 < 2f5bdd68c1ce64bda6bef4d361a3de23b04ccd59affected
LinuxLinux18cb261afd7bf50134e5ccacc5ec91ea16efadd4 < 32a0173600c63aadaf2103bf02f074982e8602abaffected
LinuxLinux18cb261afd7bf50134e5ccacc5ec91ea16efadd4 < 0707260a18312bbcd2a5668584e3692d0a29e3f6affected
LinuxLinux18cb261afd7bf50134e5ccacc5ec91ea16efadd4 < b70b0ddfed31fc92c8dc722d0afafc8e14cb550caffected
LinuxLinux18cb261afd7bf50134e5ccacc5ec91ea16efadd4 < 95c90e4ad89d493a7a14fa200082e466e2548f9daffected
LinuxLinux5.9affected
LinuxLinux0 < 5.9unaffected
LinuxLinux5.10.225 <= 5.10.*unaffected
LinuxLinux5.15.166 <= 5.15.*unaffected
LinuxLinux6.1.107 <= 6.1.*unaffected
LinuxLinux6.6.48 <= 6.6.*unaffected
LinuxLinux6.10.7 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

Additional References

References